VDB
CVE-2026-23883
CVE-2026-23883
PUBLISHED
EPSS 0.22% · 45.4th percentile
Risk Scores
EPSS Score
0.22%
45.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amazon | freerdp |
Exploit Intelligence
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qcrr-85qx-4p6x (circl)
- https://github.com/FreeRDP/FreeRDP/blob/3370e30e92a021eb680892dda14d642bc8b8727c/client/X11/xf_graphics.c#L312-L319 (circl)
- https://github.com/FreeRDP/FreeRDP/blob/3370e30e92a021eb680892dda14d642bc8b8727c/client/X11/xf_graphics.c#L340 (circl)
- https://github.com/FreeRDP/FreeRDP/blob/3370e30e92a021eb680892dda14d642bc8b8727c/libfreerdp/cache/pointer.c#L164-L174 (circl)
- https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0 (circl)
- CIRCL seen: CVE-2026-23883 (circl-sighting)
Timeline
- Jan 19, 2026 CVE Published
- Jan 19, 2026 PoC Published
- Jan 20, 2026 EPSS Score
- Jan 23, 2026 EPSS Score
- Jan 26, 2026 EPSS Score
- Jan 28, 2026 EPSS Score
- Jan 31, 2026 EPSS Score
- Feb 3, 2026 EPSS Score
- Feb 6, 2026 EPSS Score
- Feb 8, 2026 EPSS Score
- Feb 11, 2026 EPSS Score
- Feb 14, 2026 EPSS Score
References
- ALAS2-2026-3162: freerdp (important) advisory