Back to search
CVE-2026-22852
Published: Jan 14, 2026
Modified: Feb 26, 2026
PUBLISHED
Description
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format lists. audin_process_formats reuses callback->formats_count across multiple MSG_SNDIN_FORMATS PDUs and writes past the newly allocated formats array, causing memory corruption and a crash. This vulnerability is fixed in 3.20.1.
| Vendor | Product | Versions |
|---|---|---|
FreeRDP | FreeRDP | affected < 3.20.1 |
Weaknesses (CWE)
References
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9chc-g79v-4qq4
x_refsource_CONFIRM
https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now