CVE-2026-22855
CVE-2026-22855 affects FreeRDP prior to version 3.20.1, where a heap-out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length. The vulnerability is fixed in FreeRDP 3.20.1. Impact per available data includes high confidentiality/availabi...