CVE-2026-29775 in FreeRDPالمعلومات

الملخص

بحسب MITRE • 13/03/2026

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap out-of-bounds read/write occurs in FreeRDP's bitmap cache subsystem due to an off-by-one boundary check in bitmap_cache_put. A malicious server can send a CACHE_BITMAP_ORDER (Rev1) with cacheId equal to maxCells, bypassing the guard and accessing cells[] one element past the allocated array. This vulnerability is fixed in 3.24.0.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

GitHub M

حجز

04/03/2026

إفشاء

13/03/2026

الاعتدال

تمت الموافقة

إدخال

VDB-351003

CPE

جاهز

CWE

CWE-787 (مؤكد)

CVSS

8.2 (NVD)

EPSS

0.00101

KEV

لا

النشاطات

منخفض جدًا

القطاع

Industry, Telecommunication, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-29775
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-29775
CVE Details	https://www.cvedetails.com/cve/CVE-2026-29775/

التالي ▸نظرة عامة ◂ السابق

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!