FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multip…

Published:

28 May 2026 at 22:00:00

Alert date:

29 May 2026 at 21:09:42

Source:

nvd.nist.gov

Network Infrastructure, Enterprise Applications

FreeRDP versions prior to 3.26.0 contain a heap use-after-free and double-free vulnerability in the RDPEAR NDR parser. The parser incorrectly handles non-null NDR pointer ref-ids, allowing the same reference ID to be reused across multiple pointer fields without proper tracking. This results in the same heap object being assigned to multiple output fields, which the generic destructor later attempts to free multiple times. A malicious RDP server can trigger this vulnerability in the client's RDPEAR authentication-redirection path, potentially leading to memory corruption. The vulnerability has been fixed in FreeRDP version 3.26.0.
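The ownership problem described above, as an added example that is not FreeRDP's code and not the upstream fix: a toy parser that tracks every non-null ref-id it has decoded and rejects a second use, so no heap object ends up owned by two fields. The wire layout, `msg_t`, `parse_msg` and `msg_free` are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define MAX_FIELDS 8

/* Hypothetical decoded message: each non-NULL field is owned and freed once. */
typedef struct { uint8_t *field[MAX_FIELDS]; size_t count; } msg_t;

static void msg_free(msg_t *m) {
    for (size_t i = 0; i < m->count; i++) { free(m->field[i]); m->field[i] = NULL; }
    m->count = 0;
}

/* Constructed wire format: entries of [u32 LE ref-id][u8 payload]; ref-id 0 is a
 * NULL pointer. Returns 0 on success, -1 on bad length or a reused ref-id. */
static int parse_msg(const uint8_t *buf, size_t len, msg_t *out) {
    uint32_t seen[MAX_FIELDS];
    size_t nseen = 0;
    memset(out, 0, sizeof(*out));
    if (len % 5 != 0 || len / 5 > MAX_FIELDS) return -1;
    for (size_t off = 0; off < len; off += 5) {
        uint32_t id = (uint32_t)buf[off] | (uint32_t)buf[off + 1] << 8 |
                      (uint32_t)buf[off + 2] << 16 | (uint32_t)buf[off + 3] << 24;
        if (id != 0) {
            /* One ref-id may back exactly one owning field; a repeat is rejected
             * instead of aliasing the earlier allocation into a second field. */
            for (size_t j = 0; j < nseen; j++)
                if (seen[j] == id) { msg_free(out); return -1; }
            seen[nseen++] = id;
            uint8_t *p = malloc(1);
            if (!p) { msg_free(out); return -1; }
            *p = buf[off + 4];
            out->field[out->count] = p;
        }
        out->count++;
    }
    return 0;
}

int main(void) {
    /* Constructed input: two pointer fields carrying the same ref-id 0x00020000. */
    const uint8_t dup[] = {0x00, 0x00, 0x02, 0x00, 0x41, 0x00, 0x00, 0x02, 0x00, 0x42};
    msg_t m;
    return parse_msg(dup, sizeof dup, &m) == -1 ? 0 : 1;
}
```

Running a parser like this under AddressSanitizer with duplicate-ref-id inputs is a quick regression check that the destructor never sees the same pointer twice.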

Technical details

Mitigation steps:

Affected products:

FreeRDP

Related links:

Related CVEs:

Related threat actors:

IOCs:

This article was created with the assistance of AI technology by Perceptive.

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: This website displays information originating from external sources. Perceptive accepts no responsibility for the content, accuracy or completeness of this information.