Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1561 matches found

NVD
NVDadded 2026/03/13 7:54 p.m.0 views

CVE-2026-31806

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdisurfacebits function processes SURFACEBITSCOMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly...

9.8CVSS0.00532EPSS
Exploits1References2
OSV
OSVadded 2026/03/13 7:54 p.m.3 views

DEBIAN-CVE-2026-31806

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdisurfacebits function processes SURFACEBITSCOMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly...

9.8CVSS5.2AI score0.00532EPSS
Exploits1References1
UbuntuCve
UbuntuCveadded 2026/03/13 7:54 p.m.2 views

CVE-2026-31806

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdisurfacebits function processes SURFACEBITSCOMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly...

9.8CVSS6AI score0.00532EPSS
Exploits1References3
OSV
OSVadded 2026/03/13 7:54 p.m.2 views

UBUNTU-CVE-2026-31806

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdisurfacebits function processes SURFACEBITSCOMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly...

9.8CVSS6.2AI score0.00532EPSS
Exploits1References4
RedhatCVE
RedhatCVEadded 2026/03/13 7:3 p.m.1 views

CVE-2026-31806

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. The gdisurfacebits function, which processes SURFACEBITSCOMMAND messages, does not properly validate image dimensions bmp.width and bmp.height provided by a malicious RDP server. This can lead to a heap buffer...

9.8CVSS6.2AI score0.00532EPSS
Exploits1References5
AlpineLinux
AlpineLinuxadded 2026/03/13 5:40 p.m.0 views

CVE-2026-31806

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdisurfacebits function processes SURFACEBITSCOMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly...

9.8CVSS6.3AI score0.00532EPSS
Exploits1
ATTACKERKB
ATTACKERKBadded 2026/03/13 5:40 p.m.10 views

CVE-2026-31806

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdisurfacebits function processes SURFACEBITSCOMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly...

9.3CVSS6.3AI score0.00532EPSS
Exploits1References3Affected Software1
Cvelist
Cvelistadded 2026/03/13 5:40 p.m.23 views

CVE-2026-31806 FreeRDP has a Heap Buffer Overflow in nsc_process_message() via Unchecked SURFACE_BITS_COMMAND Bitmap Dimensions

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdisurfacebits function processes SURFACEBITSCOMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly...

9.3CVSS0.00532EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2026/03/13 5:40 p.m.3 views

CVE-2026-31806 FreeRDP has a Heap Buffer Overflow in nsc_process_message() via Unchecked SURFACE_BITS_COMMAND Bitmap Dimensions

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdisurfacebits function processes SURFACEBITSCOMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly...

9.3CVSS6.3AI score0.00532EPSS
Exploits1References2
EUVD
EUVDadded 2026/03/13 5:40 p.m.2 views

EUVD-2026-12060

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdisurfacebits function processes SURFACEBITSCOMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly...

9.3CVSS6.3AI score0.00532EPSS
Exploits1References2
CVE
CVEadded 2026/03/13 5:40 p.m.28 views

CVE-2026-31806

Summary: CVE-2026-31806 affects FreeRDP prior to 3.24.0, where the gdi_surface_bits() handler (NSCodec path) can process SURFACE_BITS_COMMAND messages with unsafe bmp.width/bmp.height values, enabling a heap buffer overflow by crafting server data. The issue arises when width/height are not prope...

9.8CVSS6.3AI score0.00532EPSS
Exploits1References2Affected Software1
OSV
OSVadded 2026/03/13 5:40 p.m.1 views

CVE-2026-31806 FreeRDP has a Heap Buffer Overflow in nsc_process_message() via Unchecked SURFACE_BITS_COMMAND Bitmap Dimensions

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdisurfacebits function processes SURFACEBITSCOMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly...

9.3CVSS6.2AI score0.00532EPSS
Exploits1References4
AlpineLinux
AlpineLinuxadded 2026/03/13 5:26 p.m.2 views

CVE-2026-29774

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap buffer overflow occurs in the FreeRDP client's AVC420/AVC444 YUV-to-RGB conversion path due to missing horizontal bounds validation of H.264 metablock regionRects coordinates. In yuv.c, the clamp...

8.2CVSS6AI score0.00323EPSS
Exploits1
ATTACKERKB
ATTACKERKBadded 2026/03/13 5:26 p.m.8 views

CVE-2026-29774

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap buffer overflow occurs in the FreeRDP client's AVC420/AVC444 YUV-to-RGB conversion path due to missing horizontal bounds validation of H.264 metablock regionRects coordinates. In yuv.c, the clamp...

5.3CVSS6AI score0.00323EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichmentadded 2026/03/13 5:26 p.m.2 views

CVE-2026-29774 FreeRDP has a heap-buffer-overflow in avc420_yuv_to_rgb via OOB regionRects

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap buffer overflow occurs in the FreeRDP client's AVC420/AVC444 YUV-to-RGB conversion path due to missing horizontal bounds validation of H.264 metablock regionRects coordinates. In yuv.c, the clamp...

5.3CVSS6AI score0.00323EPSS
Exploits1References2
EUVD
EUVDadded 2026/03/13 5:26 p.m.2 views

EUVD-2026-12055

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap buffer overflow occurs in the FreeRDP client's AVC420/AVC444 YUV-to-RGB conversion path due to missing horizontal bounds validation of H.264 metablock regionRects coordinates. In yuv.c, the clamp...

5.3CVSS6AI score0.00323EPSS
Exploits1References2
OSV
OSVadded 2026/03/13 3:47 p.m.2 views

GHSA-4W7M-58CG-CMFF OpenClaw: Leaf subagents could steer sibling sessions across sandbox boundaries

Summary In affected versions of openclaw, sandboxed leaf subagents could still access the subagents control surface and resolve against the parent requester scope instead of remaining confined to their own session tree. Impact A low-privilege sandboxed leaf worker could steer or kill a sibling ru...

8.8CVSS5.9AI score
Exploits0References3
CNNVD
CNNVDadded 2026/03/13 12:0 a.m.2 views

FreeRDP 安全漏洞

FreeRDP is an open-source implementation of the Remote Desktop Protocol RDP by the FreeRDP team. Versions of FreeRDP prior to 3.24.0 contained security vulnerabilities. These vulnerabilities stemmed from the gdisurfacebits function not properly verifying the bmp.width and bmp.height values provid...

9.8CVSS6.1AI score0.00532EPSS
Exploits1References3
Tenable Nessus
Tenable Nessusadded 2026/03/13 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2026-31806

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdisurfacebits function processes SURFACEBITSCOMMAND messages sent by the...

9.8CVSS6.1AI score0.00532EPSS
Exploits1References3
GithubExploit
GithubExploitadded 2026/03/11 8:13 p.m.98 views

manchurian-agent-poc

Manchurian Candidate Agent POC ⚠️ SECURITY RESEARCH — EDU...

5.9AI score
Exploits0
Rows per page
Query Builder