Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.1
FreeRDP Remote Desktop Protocol Client Memory Leak
CVE-2026-25941
Summary
The FreeRDP client may allow a malicious server to access sensitive information or crash the client when a user connects to it. This affects FreeRDP versions 2.x before 2.11.8 and 3.x before 3.23.0. Update to version 2.11.8 or 3.23.0 to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| freerdp | freerdp | > 2.0.0 , <= 2.11.8 | – |
| freerdp | freerdp | > 3.0.0 , <= 3.23.0 | – |
Original title
FreeRDP is a free implementation of the Remote Desktop Protocol. Versions on the 2.x branch prior to to 2.11.8 and on the 3.x branch prior to 3.23.0 have an out-of-bounds read vulnerability in the ...
Original description
FreeRDP is a free implementation of the Remote Desktop Protocol. Versions on the 2.x branch prior to to 2.11.8 and on the 3.x branch prior to 3.23.0 have an out-of-bounds read vulnerability in the FreeRDP client's RDPGFX channel that allows a malicious RDP server to read uninitialized heap memory by sending a crafted WIRE_TO_SURFACE_2 PDU with a `bitmapDataLength` value larger than the actual data in the packet. This can lead to information disclosure or client crashes when a user connects to a malicious server. Versions 2.11.8 and 3.23.0 fix the issue.
nvd CVSS3.1
8.1
Vulnerability type
CWE-20
Improper Input Validation
CWE-125
Out-of-bounds Read
- https://github.com/FreeRDP/FreeRDP/commit/2e3b77e28ac6a398897d28ba464dcc5dfab9c9... Patch
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-3546-x645-5cf8 Exploit Mitigation Patch Vendor Advisory
Published: 25 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026