CVE-2026-24681
FreeRDP prior to 3.22.0 is affected by CVE-2026-24681. A use-after-free vulnerability arises when asynchronous bulk transfer completions can reference a freed channel callback after the URBDRC channel is closed, specifically in urb_write_completion. The issue is fixed in FreeRDP 3.22.0 (upstream)...