CVE-2026-33982

CVSS v2.0

9.4

High

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:C

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.24.2

Description FreeRDP is a free implementation of the Remote Desktop Protocol. Versions prior to 3.24.2 contain a heap-buffer-overflow READ vulnerability. This issue occurs due to a 24-byte buffer overflow before allocation within the winpr aligned offset recalloc() function. The issue has been addressed in version 3.24.2.

Recommendations Update to version 3.24.2 or later.

Exploit

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALSA-2026:16014

BDU:2026-04668

CVE-2026-33982

GHSA-8JM9-2925-G4V2

OPENSUSE-SU-2026:10633-1

OPENSUSE-SU-2026:20657-1

SUSE-SU-2026:21436-1

Affected Products

Freerdp

CVE-2026-33982

Weakness Enumeration

Related Identifiers

Affected Products

References · 46