CVE-2026-25959

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.23.0

Description FreeRDP is a free implementation of the Remote Desktop Protocol. A heap use-after-free condition exists in the clipboard channel due to improper memory management within the xf cliprdr provide data function. Specifically, the function passes freed memory (pDstData) to XChangeProperty. This occurs because the cliprdr channel thread calls xf cliprdr server format data response, which processes clipboard data without appropriate locking, while the X11 event thread concurrently calls xf cliprdr clear cached data which frees the same data via xf cached data free.

Recommendations Update to version 3.23.0 or later.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

CVE-2026-25959

GHSA-78XG-V4P2-4W3C

OPENSUSE-SU-2026:10408-1

OPENSUSE-SU-2026:20657-1

SUSE-SU-2026:1633-1

SUSE-SU-2026:21436-1

USN-8105-1

Affected Products

Freerdp

Linuxmint

Ubuntu

CVE-2026-25959

Weakness Enumeration

Related Identifiers

Affected Products

References · 74