VDB
CVE-2026-22857
PUBLISHED
CVSS 6.8 MEDIUM
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap use-after-free occurs in irp_thread_func because the IRP is freed by irp->Complete() and then accessed again on the error path. This vulnerability is fixed in 3.20.1.
EPSS 0.11% · 29.1st percentile
Risk Scores
CVSS 4.0
6.8
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
EPSS Score
0.11%
29.1st percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| freerdp | freerdp | 0 |
| FreeRDP | FreeRDP | < 3.20.1 |
Exploit Intelligence
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4gxq-jhq6-4cr8 (nist-nvd)
- CIRCL seen: CVE-2026-22857 (circl-sighting)
- https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1 (circl)
Timeline
- Jan 14, 2026 CVE Published
- Jan 14, 2026 PoC Published
- Jan 15, 2026 EPSS Score
- Jan 18, 2026 EPSS Score
- Jan 20, 2026 CVE Updated
- Jan 21, 2026 EPSS Score
- Jan 24, 2026 EPSS Score
- Jan 27, 2026 EPSS Score
- Jan 30, 2026 EPSS Score
- Feb 2, 2026 EPSS Score
- Feb 5, 2026 EPSS Score