CVE-2026-25953
CVE-2026-25953 (FreeRDP) : A use-after-free condition exists in FreeRDP prior to 3.23.0 where the RDPGFX DVC thread obtains a bare pointer to an xfAppWindow via xf_rail_get_window. The main thread can concurrently delete the window (via a fastpath window-delete order), causing xf_AppUpdateWindowF...