[SECURITY] Fedora 43 Update: xrdp-0.10.6-2.fc43

xrdp provides a fully functional RDP server compatible with a wide range of RDP clients, including FreeRDP and Microsoft RDP client...

[SECURITY] Fedora 44 Update: xrdp-0.10.6-2.fc44

xrdp provides a fully functional RDP server compatible with a wide range of RDP clients, including FreeRDP and Microsoft RDP client...

Astra Linux - уязвимость в xrdp

xrdp is an open-source RDP server. Before version 0.10.5, xrdp contained an unauthenticated stack-based buffer overflow vulnerability. The issue arises from improper bounds checking when processing user domain information during the connection process. If exploited, this vulnerability could allow...

SUSE CVE-2026-32624

xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in its logon processing. In environments where domainuserseparator is configured in xrdp.ini, an unauthenticated remote attacker can send a crafted, excessively long username and domain...

Linux Distros Unpatched Vulnerability : CVE-2026-35512

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xrdp is an open source RDP server. Versions through 0.10.5 have a heap-based buffer overflow in the EGFX graphics dynamic virtual channel implementation due to...

Linux Distros Unpatched Vulnerability : CVE-2026-32105

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xrdp is an open source RDP server. In versions through 0.10.5, xrdp does not implement verification for the Message Authentication Code MAC signature of encrypt...

EUVD-2026-23516

xrdp is an open source RDP server. Versions through 0.10.5 have an out-of-bounds read vulnerability in the pre-authentication RDP message parsing logic. A remote, unauthenticated attacker can trigger this flaw by sending a specially crafted sequence of packets during the initial connection phase...

CVE-2026-33145

xrdp is an open source RDP server. Versions through 0.10.5 allow an authenticated remote user to execute arbitrary commands on the server due to unsafe handling of the AlternateShell parameter in xrdp-sesman. When the AllowAlternateShell setting is enabled which is the default when not explicitly...

CVE-2026-32623 xrdp: Heap buffer overflow in NeutrinoRDP channel reassembly

xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in the NeutrinoRDP module. When proxying RDP sessions from xrdp to another server, the module fails to properly validate the size of reassembled fragmented virtual channel data against it...

CVE-2026-32107 xrdp: Fail-open privilege drop in sesexec — child processes may execute as root if setuid fails

xrdp is an open source RDP server. In versions through 0.10.5, the session execution component did not properly handle an error during the privilege drop process. This improper privilege management could allow an authenticated local attacker to escalate privileges to root and execute arbitrary co...

EUVD-2026-23474

xrdp is an open source RDP server. In versions through 0.10.5, the session execution component did not properly handle an error during the privilege drop process. This improper privilege management could allow an authenticated local attacker to escalate privileges to root and execute arbitrary co...

xrdp 安全漏洞

XRDPT is an open-source remote desktop protocol server developed by Neutrinolabs. Versions of XRDPT prior to 0.10.5 contain security vulnerabilities. These vulnerabilities stem from issues with the session execution component’s handling of permission discarding processes. This could allow...

PT-2026-33488

Name of the Vulnerable Software and Affected Versions xrdp versions prior to 0.10.6 Description The session execution component of this open source RDP server fails to properly handle errors during the privilege drop process. This improper privilege management allows an authenticated local attack...

xrdp 安全漏洞

XRDPT is an open-source remote desktop protocol server developed by Neutrinolabs. Versions of XRDPT prior to 0.10.5 contain security vulnerabilities. These vulnerabilities stem from out-of-bound reads during the RDP capability exchange phase, which may lead to denial of service or the disclosure ...

PT-2026-33509

Name of the Vulnerable Software and Affected Versions xrdp versions prior to 0.10.6 Description An open source RDP server contains a heap-based buffer overflow in the EGFX graphics dynamic virtual channel implementation. This occurs due to insufficient validation of client-controlled size...

xrdp 安全漏洞

XRDPT is an open-source remote desktop protocol server developed by Neutrinolabs. Versions of XRDPT prior to 0.10.5 contain security vulnerabilities. These vulnerabilities stem from insufficient validation of the size parameter in the EGX implementation, leading to a heap-based buffer overflow th...

ROS-20260410-73-0006

An XRDP server vulnerability is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

freerdp: FreeRDP: Arbitrary code execution via heap buffer overflow in GDI surface pipeline

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap buffer overflow vulnerability by sending a specially crafted graphics command to a FreeRDP client. This allows the server to write data outside of its intended memory...

freerdp: FreeRDP: Arbitrary code execution via heap buffer overflow in GDI surface pipeline

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap buffer overflow vulnerability by sending a specially crafted graphics command to a FreeRDP client. This allows the server to write data outside of its intended memory...

freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write in RLE planar decode path

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap out-of-bounds write vulnerability in the planardecompressplanerle function. This vulnerability allows the server to write past the end of a temporary buffer, potentiall...