MAGEIA-2026-86
FreeRDP has a heap-buffer-overflow in audin_process_formats. (CVE-2026-22852) FreeRDP has a heap-buffer-overflow in drive_process_irp_read. (CVE-2026-22854) FreeRDP has a heap-buffer-overflow in smartcard_unpack_set_attrib_call. (CVE-2026-22855) FreeRDP has a heap-use-after-free in create_irp_thread. (CVE-2026-22856) FreeRDP has a heap-use-after-free in irp_thread_func. (CVE-2026-22857) FreeRDP has a heap-buffer-overflow in urb_select_configuration. (CVE-2026-22859) FreeRDP has heap-buffer-overflow in Glyph_Alloc. (CVE-2026-23732) Heap-use-after-free in update_pointer_new. (CVE-2026-23883) Heap-use-after-free in gdi_set_bounds. (CVE-2026-23884) FreeRDP has a heap-use-after-free in video_timer. (CVE-2026-24491) Buffer Overread in FreeRDP Icon Processing. (CVE-2026-26271) FreeRDP has Out-of-bounds Write. (CVE-2026-26955, CVE-2026-26965) FreeRDP has a Heap Buffer Overflow in nsc_process_message() via Unchecked SURFACE_BITS_COMMAND Bitmap Dimensions. (CVE-2026-31806) FreeRDP has a `size_t` underflow in ADPCM decoder leads to heap-buffer-overflow write. (CVE-2026-31883) FreeRDP has an out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks. (CVE-2026-31885)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mageia | freerdp | 0, 2.11.7-1.3.mga9 |
Timeline
- Apr 6, 2026 CVE Updated
- Apr 6, 2026 CVE Published
References
- Updated freerdp packages fix security vulnerabilities advisory
- Updated freerdp packages fix security vulnerabilities issue
- Updated freerdp packages fix security vulnerabilities issue
- Updated freerdp packages fix security vulnerabilities issue
- Updated freerdp packages fix security vulnerabilities issue
- Updated freerdp packages fix security vulnerabilities issue