CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

RedhatCVE•added 2026/06/18 12:16 p.m.•7 views

CVE-2026-40033

A flaw was found in FreeRDP.If a user connects to a malicious Remote Desktop RDP server, a security flaw in FreeRDP could cause the application to crash or allow the server to run unauthorized code on the user's system. Mitigation To mitigate this issue, users should avoid connecting to untrusted...

8.8CVSS5.4AI score0.00744EPSS

Exploits1References6

OSV•added 2026/05/29 8:16 p.m.•7 views

UBUNTU-CVE-2026-44421

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is in gdiCacheToSurface: it validates a destination rectangle that is clamped to UINT16MA...

8.8CVSS5.9AI score0.00363EPSS

Exploits1References3

Tenable Nessus•added 2026/05/28 12:0 a.m.•16 views

Linux Distros Unpatched Vulnerability : CVE-2026-40033

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdiCacheToSurface that allows remote attackers to write out-of-bounds heap memory. The...

8.8CVSS6.1AI score0.00744EPSS

Exploits1References4

SUSE CVE•added 2026/05/27 2:49 a.m.•9 views

SUSE CVE-2026-40033

FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdiCacheToSurface that allows remote attackers to write out-of-bounds heap memory. The vulnerability occurs because rectangle validation clamps coordinates to UINT16MAX but performs copy operations using unclamped cache entry...

8.1CVSS6.5AI score0.00744EPSS

Exploits1References4