PT-2026-22004 · Freerdp+2

Ehdgks0627 · Published 2026-01-01 · Updated 2026-04-25 · CVE-2026-25942

CVSS v2.0 7.8 High

Vector AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions

FreeRDP versions prior to 3.23.0

Description

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the function xf_rail_server_execute_result indexes the global error_code_names[] array with an unchecked value, execResult->execResult, received from the server. This allows a read outside the bounds of the array when the server sends a value of 7 or greater for execResult. The error_code_names[] array has 7 elements, with valid indices ranging from 0 to 6.

Recommendations

Update to version 3.23.0 or later.
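
The unchecked lookup described above, next to a bounds-checked version, as an added C example that is not FreeRDP's code or its actual patch. Only the execResult field and the 7-entry table size come from the advisory; the struct, the function names and the table strings are constructed stand-ins.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the 7-entry name table (valid indices 0..6).
 * The strings are placeholders, not FreeRDP's own. */
const char* const example_error_names[] = {
	"EXAMPLE_CODE_0", "EXAMPLE_CODE_1", "EXAMPLE_CODE_2", "EXAMPLE_CODE_3",
	"EXAMPLE_CODE_4", "EXAMPLE_CODE_5", "EXAMPLE_CODE_6"
};
#define EXAMPLE_NAME_COUNT (sizeof(example_error_names) / sizeof(example_error_names[0]))
_Static_assert(EXAMPLE_NAME_COUNT == 7, "name table and code range out of sync");

/* Hypothetical order struct; only the field named in the advisory is modelled. */
typedef struct
{
	uint16_t execResult; /* server-controlled value taken off the wire */
} example_exec_result_order;

/* Pattern the advisory describes: the wire value is used as an index as-is,
 * so any execResult >= 7 reads past the end of the table. */
const char* example_name_unchecked(const example_exec_result_order* order)
{
	return example_error_names[order->execResult];
}

/* Hardened lookup: NULL for a missing order or an out-of-range code. */
const char* example_name_checked(const example_exec_result_order* order)
{
	if (!order || (size_t)order->execResult >= EXAMPLE_NAME_COUNT)
		return NULL;
	return example_error_names[order->execResult];
}

/* Formats a log line into buf. Returns 0 for a known code, -1 when the code
 * is outside the table so the caller can treat it as a protocol error. */
int example_describe_exec_result(const example_exec_result_order* order, char* buf, size_t len)
{
	const char* name = example_name_checked(order);
	if (!name)
	{
		snprintf(buf, len, "exec result: unknown code 0x%04x",
		         order ? (unsigned)order->execResult : 0u);
		return -1;
	}
	snprintf(buf, len, "exec result: %s", name);
	return 0;
}
```

The compile-time assertion makes the build fail if the table is resized without revisiting the accepted code range.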

Weakness Enumeration

Out-of-bounds Read

Related Identifiers

BDU:2026-04137
CVE-2026-25942
GHSA-78Q6-67M7-WWF6
OPENSUSE-SU-2026:10408-1
OPENSUSE-SU-2026:10611-1
OPENSUSE-SU-2026:20632-1
OPENSUSE-SU-2026:20657-1
SUSE-SU-2026:1632-1
SUSE-SU-2026:1633-1
SUSE-SU-2026:1634-1
SUSE-SU-2026:1635-1
SUSE-SU-2026:1640-1
SUSE-SU-2026:21436-1
USN-8105-1

Affected Products

Freerdp
Linuxmint
Ubuntu