CNNVD-202602-1320 Information

CNNVD ID

CNNVD-202602-1320

Related CVE

CVE-2026-24679

• CNNVD Published: 2026-02-09

Description (Chinese)

FreeRDP是FreeRDP团队的一款开源的远程桌面协议（RDP）的实现。 FreeRDP 3.22.0之前版本存在安全漏洞，该漏洞源于URBDRC客户端使用服务器提供的接口号作为数组索引而未进行边界检查，可能导致越界读取。

Description (English)

FreeRDP is an open-source remote desktop protocol (RDP) for the FreeRDP team. The security loophole in the previous version of FreeRDP 3.22.0 stems from the fact that the interface number provided by the URBDRC client using the server as an array index was not checked at the border, which could result in cross-border reading.

Vulnerability Type

其他

Affected Vendor

FreeRDP

Published

2026-02-09

Last Modified

2026-02-24

References

https://github.com/FreeRDP/FreeRDP/commit/2d563a50be17c1b407ca448b1321378c0726dd31 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-2jp4-67x6-gv7x

Patch

https://github.com/FreeRDP/FreeRDP/releases