Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.9
FreeRDP Remote Desktop Protocol decoder has a memory safety issue.
DEBIAN-CVE-2026-45700
Summary
FreeRDP, a software that helps computers connect to each other over a network, has a bug that could allow an attacker to write data outside the safe area of memory. This could potentially lead to the software crashing or behaving unexpectedly. To fix this, update to the latest version of FreeRDP, version 3.26.0 or later.
What to do
- Update debian freerdp3 to version 3.26.0+dfsg-1.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Debian:11 | debian | freerdp2 | All versions |
| Debian:12 | debian | freerdp2 | All versions |
| Debian:13 | debian | freerdp3 | All versions |
| Debian:14 | debian | freerdp3 |
< 3.26.0+dfsg-1 Fix: upgrade to 3.26.0+dfsg-1
|
Original title
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's planar bitmap decoder has an out-of-bounds heap write when decoding RLE planar data. In libfreerdp/codec/...
Original description
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's planar bitmap decoder has an out-of-bounds heap write when decoding RLE planar data. In libfreerdp/codec/planar.c, freerdp_bitmap_decompress_planar() validates the X destination coordinate nXDst against the caller-provided destination stride (nDstStep) even when it is writing into the internal temp buffer pTempData. An attacker can bypass the check with a large nDstStep and a large nXDst, causing planar_decompress_plane_rle() to write past the end of pTempData. This vulnerability is fixed in 3.26.0.
osv CVSS4.0
9.9
- https://security-tracker.debian.org/tracker/CVE-2026-45700 Vendor Advisory
Published: 29 May 2026 · Updated: 30 May 2026 · First seen: 30 May 2026