CVE-2026-44420 | THREATINT

Description

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard (cliprdr) channel by sending a CB_CLIP_CAPS PDU with a too-small capabilitySetLength. This can crash the server process (remote DoS) and may be exploitable for code execution because it corrupts heap memory. This vulnerability is fixed in 3.26.0.

PUBLISHED Reserved 2026-05-06 | Published 2026-05-29 | Updated 2026-06-02 | Assigner GitHub_M

HIGH: 8.8CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-122: Heap-based Buffer Overflow

Product status

< 3.26.0

affected

References

github.com/...ttplib/security/advisories/GHSA-h6wq-j5mv-f3q8 exploit

github.com/...reeRDP/security/advisories/GHSA-mvpx-xj7r-3p3r

cve.org (CVE-2026-44420)

nvd.nist.gov (CVE-2026-44420)

Download JSON