
2481 matches found

OSV
added 2026/03/13 7:54 p.m. | 2 views

UBUNTU-CVE-2026-31897

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, there is an out-of-bounds read in freerdp_bitmap_decompress_planar when SrcSize is 0. The function dereferences srcp which points to pSrcData without first verifying that SrcSize = 1. When SrcSize is 0 and pSrcData is...

9.1 CVSS | 5.8 AI score | 0.00058 EPSS
Exploits 1 | References 4
UbuntuCve
added 2026/03/13 7:54 p.m. | 2 views

CVE-2026-29776

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, there is an integer underflow in the update_read_cache_bitmap_order function of FreeRDP's core library. This vulnerability is fixed in 3.24.0...

3.1 CVSS | 5.9 AI score | 0.00059 EPSS
Exploits 0 | References 3
OSV
added 2026/03/13 7:54 p.m. | 2 views

UBUNTU-CVE-2026-29775

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap out-of-bounds read/write occurs in FreeRDP's bitmap cache subsystem due to an off-by-one boundary check in bitmap_cache_put. A malicious server can send a CACHE_BITMAP_ORDER Rev1 with cacheId equal to...

8.2 CVSS | 5.8 AI score | 0.00101 EPSS
Exploits 1 | References 4
OSV
added 2026/03/13 7:54 p.m. | 1 view

UBUNTU-CVE-2026-29776

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, there is an integer underflow in the update_read_cache_bitmap_order function of FreeRDP's core library. This vulnerability is fixed in 3.24.0...

3.1 CVSS | 5.8 AI score | 0.00059 EPSS
Exploits 0 | References 4
RedhatCVE
added 2026/03/13 7:48 p.m. | 3 views

CVE-2026-31897

An out-of-bounds read flaw has been discovered in FreeRDP. This out-of-bounds read exists in the freerdp_bitmap_decompress_planar function when SrcSize is 0. This flaw may allow an attacker to read 1 byte from heap memory in some situations. The more common and expected impact is a crash when the...

9.1 CVSS | 5.6 AI score | 0.00058 EPSS
Exploits 1 | References 5
RedhatCVE
added 2026/03/13 7:48 p.m. | 2 views

CVE-2026-29775

A heap-based buffer overflow flaw has been discovered in FreeRDP. This client-side heap out-of-bounds read/write occurs in FreeRDP's bitmap cache subsystem due to an off-by-one boundary check in bitmap_cache_put. A malicious server can send a CACHE_BITMAP_ORDER Rev1 with cacheId equal to maxCells,...

8.2 CVSS | 6.1 AI score | 0.00101 EPSS
Exploits 1 | References 5
RedhatCVE
added 2026/03/13 7:3 p.m. | 0 views

CVE-2026-31806

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP). The gdi_surface_bits function, which processes SURFACE_BITS_COMMAND messages, does not properly validate the image dimensions bmp.width and bmp.height provided by a malicious RDP server. This can lead to a heap buffer...

9.8 CVSS | 6.2 AI score | 0.00033 EPSS
Exploits 1 | References 5
EUVD
added 2026/03/13 5:42 p.m. | 2 views

EUVD-2026-12064

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, there is an out-of-bounds read in freerdp_bitmap_decompress_planar when SrcSize is 0. The function dereferences srcp which points to pSrcData without first verifying that SrcSize = 1. When SrcSize is 0 and pSrcData is...

5.8 AI score | 0.00058 EPSS
Exploits 1 | References 2
ATTACKERKB
added 2026/03/13 5:42 p.m. | 6 views

CVE-2026-31897

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, there is an out-of-bounds read in freerdp_bitmap_decompress_planar when SrcSize is 0. The function dereferences srcp which points to pSrcData without first verifying that SrcSize = 1. When SrcSize is 0 and pSrcData is...

5.8 AI score | 0.00058 EPSS
Exploits 1 | References 3 | Affected Software 1
Vulnrichment
added 2026/03/13 5:42 p.m. | 3 views

CVE-2026-31897 FreeRDP has an out-of-bounds read in `freerdp_bitmap_decompress_planar`

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, there is an out-of-bounds read in freerdp_bitmap_decompress_planar when SrcSize is 0. The function dereferences srcp which points to pSrcData without first verifying that SrcSize = 1. When SrcSize is 0 and pSrcData is...

5.8 AI score | 0.00058 EPSS
Exploits 1 | References 2
Cvelist
added 2026/03/13 5:42 p.m. | 21 views

CVE-2026-31897 FreeRDP has an out-of-bounds read in `freerdp_bitmap_decompress_planar`

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, there is an out-of-bounds read in freerdp_bitmap_decompress_planar when SrcSize is 0. The function dereferences srcp which points to pSrcData without first verifying that SrcSize = 1. When SrcSize is 0 and pSrcData is...

0.00058 EPSS
Exploits 1 | References 2
AlpineLinux
added 2026/03/13 5:42 p.m. | 1 view

CVE-2026-31897

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, there is an out-of-bounds read in freerdp_bitmap_decompress_planar when SrcSize is 0. The function dereferences srcp which points to pSrcData without first verifying that SrcSize = 1. When SrcSize is 0 and pSrcData is...

9.1 CVSS | 5.8 AI score | 0.00058 EPSS
Exploits 1
CVE
added 2026/03/13 5:40 p.m. | 15 views

CVE-2026-31806

Summary: CVE-2026-31806 affects FreeRDP prior to 3.24.0, where the gdi_surface_bits() handler (NSCodec path) can process SURFACE_BITS_COMMAND messages with unsafe bmp.width/bmp.height values, enabling a heap buffer overflow by crafting server data. The issue arises when width/height are not prope...

9.8 CVSS | 6.3 AI score | 0.00033 EPSS
Exploits 1 | References 2 | Affected Software 1
Cvelist
added 2026/03/13 5:40 p.m. | 21 views

CVE-2026-31806 FreeRDP has a Heap Buffer Overflow in nsc_process_message() via Unchecked SURFACE_BITS_COMMAND Bitmap Dimensions

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdi_surface_bits function processes SURFACE_BITS_COMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly...

9.3 CVSS | 0.00033 EPSS
Exploits 1 | References 2
ATTACKERKB
added 2026/03/13 5:40 p.m. | 8 views

CVE-2026-31806

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdi_surface_bits function processes SURFACE_BITS_COMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly...

9.3 CVSS | 6.3 AI score | 0.00033 EPSS
Exploits 1 | References 3 | Affected Software 1
Vulnrichment
added 2026/03/13 5:40 p.m. | 3 views

CVE-2026-31806 FreeRDP has a Heap Buffer Overflow in nsc_process_message() via Unchecked SURFACE_BITS_COMMAND Bitmap Dimensions

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdi_surface_bits function processes SURFACE_BITS_COMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly...

9.3 CVSS | 6.3 AI score | 0.00033 EPSS
Exploits 1 | References 2
ATTACKERKB
added 2026/03/13 5:33 p.m. | 4 views

CVE-2026-29776

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, there is an integer underflow in the update_read_cache_bitmap_order function of FreeRDP's core library. This vulnerability is fixed in 3.24.0...

3.1 CVSS | 5.8 AI score | 0.00059 EPSS
Exploits 0 | References 3 | Affected Software 1
Vulnrichment
added 2026/03/13 5:33 p.m. | 2 views

CVE-2026-29776 FreeRDP has an Integer Underflow in update_read_cache_bitmap_order Function of FreeRDP's Core Library

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, there is an integer underflow in the update_read_cache_bitmap_order function of FreeRDP's core library. This vulnerability is fixed in 3.24.0...

3.1 CVSS | 5.8 AI score | 0.00059 EPSS
Exploits 0 | References 2
AlpineLinux
added 2026/03/13 5:33 p.m. | 2 views

CVE-2026-29776

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, there is an integer underflow in the update_read_cache_bitmap_order function of FreeRDP's core library. This vulnerability is fixed in 3.24.0...

3.1 CVSS | 5.8 AI score | 0.00059 EPSS
Exploits 0
Cvelist
added 2026/03/13 5:33 p.m. | 24 views

CVE-2026-29776 FreeRDP has an Integer Underflow in update_read_cache_bitmap_order Function of FreeRDP's Core Library

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, there is an integer underflow in the update_read_cache_bitmap_order function of FreeRDP's core library. This vulnerability is fixed in 3.24.0...

3.1 CVSS | 0.00059 EPSS
Exploits 0 | References 2