3 matches found
CVE-2026-44422
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multiple logical pointer fields without tracking the pointed object's expected NDR type or ownership. When the same ref-id is reused across two...
CVE-2026-44422 FreeRDP RDPEAR NDR ref-id aliasing causes client-side UAF/double-free and type confusion
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multiple logical pointer fields without tracking the pointed object's expected NDR type or ownership. When the same ref-id is reused across two...
PT-2026-2931
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.20.1 Description FreeRDP, a free implementation of the Remote Desktop Protocol, contains a flaw in RDPEAR’s NDR array reader. The NDR array reader does not validate the element count, potentially leading to a heap...