CVE-2026-22855
FreeRDP has a heap-buffer-overflow in smartcard_unpack_set_attrib_call
CVSS Score
7.4
EPSS Score
0.0%
EPSS Percentile
0th
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length. This vulnerability is fixed in 3.20.1.
| CWE | CWE-125 |
| Vendor | freerdp |
| Product | freerdp |
| Published | Jan 14, 2026 |
| Last Updated | Jun 30, 2026 |
Stay Ahead of the Next One
Get instant alerts for freerdp freerdp
Be the first to know when new high vulnerabilities affecting freerdp freerdp are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
FreeRDP / FreeRDP
< 3.20.1
References
github.com: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rwp3-g84r-6mx9 github.com: https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1 access.redhat.com: https://access.redhat.com/security/cve/CVE-2026-22855 bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2429645 security.access.redhat.com: https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22855.json access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4471 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4121 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:3068 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:19033 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:3334 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4439 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4446 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4440 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4489 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4437 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4438 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:3975 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:3067