PT-2026-22015 · Freerdp+2

Luiginoc · Published 2026-01-01 · Updated 2026-04-16 · CVE-2026-26271

CVSS v4.0: 6.9 (Medium)

Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions

FreeRDP versions prior to 3.23.0

Description

FreeRDP is a free implementation of the Remote Desktop Protocol. A buffer over-read exists in the freerdp_image_copy_from_icon_data() function (libfreerdp/codec/color.c). This issue can be triggered by specially crafted RDP Window Icon (TS_ICON_INFO) data. The flaw is reachable over a network when a client processes icon data from an RDP server, or in a man-in-the-middle scenario.

Recommendations

Update to version 3.23.0 or later.

Exploit

Fix

Buffer Over-read

Weakness Enumeration

Related Identifiers

BDU:2026-04151
CVE-2026-26271
GHSA-HR4M-PH4G-48J6
MGASA-2026-0086
OESA-2026-1516
OESA-2026-1517
OESA-2026-1518
OESA-2026-1519
OESA-2026-1520
OESA-2026-1521
OPENSUSE-SU-2026:10408-1
OPENSUSE-SU-2026:10459-1
OPENSUSE-SU-2026:20632-1
OPENSUSE-SU-2026:20657-1
SUSE-SU-2026:1129-1
SUSE-SU-2026:1160-1
SUSE-SU-2026:1164-1
SUSE-SU-2026:1165-1
SUSE-SU-2026:1398-1
SUSE-SU-2026:21436-1
USN-8105-1

Affected Products

Freerdp
Linuxmint
Ubuntu