CNNVD-202601-2359 Information

CNNVD ID

CNNVD-202601-2359

Related CVE

CVE-2026-22858

• CNNVD Published: 2026-01-14

Description (Chinese)

FreeRDP是FreeRDP团队的一款开源的远程桌面协议（RDP）的实现。 FreeRDP 3.20.1之前版本存在安全漏洞，该漏洞源于Base64解码路径中的全局缓冲区溢出，可能导致越界访问。

Description (English)

FreeRDP is an open-source remote desktop protocol (RDP) for the FreeRDP team. There was a security loophole in the previous version of FreeRDP 3.20.1, resulting from the spilling of the global buffer zone on the Base64 decoded path, which could lead to cross-border visits.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

FreeRDP

Published

2026-01-14

Last Modified

2026-02-24

References

https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qmqf-m84q-x896 https://access.redhat.com/security/cve/cve-2026-22858

Patch

https://github.com/FreeRDP/FreeRDP/releases