โ† ุงู„ุนูˆุฏุฉ ู„ู„ุฌุฏูˆู„
CVE-2026-23883
CVE-2026-23883 โ€” VulnCheck: FreeRDP is a free implementation of the Remote Desktop Protocol. Prior
๐Ÿ“… 2026-01-19
๐Ÿ”ด Critical ๐Ÿ”ฅ No VulnCheck Exploit Windows CVSS 9.8

๐Ÿ“‹ ุงู„ูˆุตู ุงู„ูƒุงู…ู„

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, `xf_Pointer_New` frees `cursorPixels` on failure, then `pointer_free` calls `xf_Pointer_Free` and frees it again, triggering ASan UAF. A malicious server can trigger a clientโ€‘side use after free, causing a crash (DoS) and potential heap corruption with codeโ€‘execution risk depending on allocator behavior a

๐Ÿ’ป ุงู„ุฃู†ุธู…ุฉ ุงู„ู…ุชุฃุซุฑุฉ

VulnCheck: FreeRDP is

โš ๏ธ ู†ูˆุน ุงู„ุชู‡ุฏูŠุฏ

Exploit

๐Ÿ”— CVE ID

CVE-2026-23883

๐Ÿ“ก ุงู„ู…ุตุฏุฑ

VulnCheck

โœ… ุงู„ุญู„ูˆู„ ูˆุงู„ุชุฎููŠู

Update to v3.21.0

๐Ÿ”— ุงู„ู…ุตุฏุฑ ุงู„ุฃุตู„ูŠ โ† ๐Ÿ“˜ NVD โ† โšก CISA KEV โ†