CVE-2026-22858
FreeRDP has a global-buffer-overflow in crypto_base64_decode
CVSS Score: 7.4
EPSS Score: 0.0%
EPSS Percentile: 0th
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be the implementation-defined signedness of char: on Arm/AArch64 builds, plain char is unsigned, so the guard `c <= 0` can be optimized into a simple `c != 0` check. As a result, non-ASCII bytes (0x80-0xFF) may bypass the intended range restriction and be used as an index into a global lookup table, causing an out-of-bounds access. This vulnerability is fixed in 3.20.1.
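The root-cause pattern described above, as an added illustration that is not FreeRDP's code: a constructed 128-entry decode table, the advisory's `c <= 0` guard evaluated once with an explicitly signed char and once with an explicitly unsigned char (so the difference between x86 and Arm/AArch64 builds is reproducible on any host), and a hardened decoder that converts to unsigned char and bounds-checks against the table size before indexing. The names `decode_table`, `guard_signed_char`, `guard_unsigned_char`, `decode_char_safe` and `base64_decode_safe` are hypothetical; the unsigned-char guard only reports its decision and never performs the out-of-bounds lookup.

```c
#include <stdint.h>
#include <string.h>

/* Hypothetical 128-entry decode table (constructed for this example): valid
 * Base64 characters map to 0..63, everything else to -1. Indexing it with a
 * byte value of 128 or more reads past its end, which is the out-of-bounds
 * access the advisory describes. */
static int8_t decode_table[128];
static int table_ready = 0;

static void init_table(void)
{
    const char *alphabet =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    memset(decode_table, -1, sizeof decode_table);
    for (int i = 0; i < 64; i++)
        decode_table[(unsigned char)alphabet[i]] = (int8_t)i;
    table_ready = 1;
}

/* The guard from the advisory evaluated with an explicitly signed char:
 * bytes 0x80-0xFF are negative, so `c <= 0` rejects them. Returns 1 if the
 * byte would be accepted as a table index, 0 if rejected. */
int guard_signed_char(uint8_t byte)
{
    signed char c = (signed char)byte;
    return !(c <= 0);
}

/* The same guard where plain char is unsigned (as on Arm/AArch64): `c <= 0`
 * is now true only for NUL, so bytes 0x80-0xFF are accepted and would index
 * decode_table[128..255]. No lookup is performed here; this only reports
 * what the guard decides. */
int guard_unsigned_char(uint8_t byte)
{
    unsigned char c = byte;
    return !(c <= 0);
}

/* Hardened lookup: convert to unsigned char first and compare against the
 * table size, so the decision does not depend on char signedness. Returns the
 * 6-bit value (0..63) or -1 for any byte that must not touch the table. */
int decode_char_safe(char ch)
{
    unsigned char c = (unsigned char)ch;
    if (!table_ready)
        init_table();
    if (c == 0 || c >= sizeof decode_table)
        return -1;
    return decode_table[c];
}

/* Decode a NUL-terminated Base64 string into out (capacity out_cap).
 * Returns the number of bytes written, or -1 on malformed input. */
int base64_decode_safe(const char *in, uint8_t *out, size_t out_cap)
{
    size_t len = strlen(in);
    size_t n = 0;
    uint32_t acc = 0;
    int bits = 0;

    if (len % 4 != 0)
        return -1;

    for (size_t i = 0; i < len; i++) {
        char ch = in[i];
        if (ch == '=') {
            /* padding is only valid in the last two positions */
            if (i + 2 < len)
                return -1;
            for (size_t j = i; j < len; j++)
                if (in[j] != '=')
                    return -1;
            break;
        }
        int v = decode_char_safe(ch);
        if (v < 0)
            return -1;             /* rejects 0x80-0xFF on every platform */
        acc = (acc << 6) | (uint32_t)v;
        bits += 6;
        if (bits >= 8) {
            bits -= 8;
            if (n >= out_cap)
                return -1;
            out[n++] = (uint8_t)((acc >> bits) & 0xFF);
        }
    }
    return (int)n;
}
```

The two guard functions make the platform dependence visible in one binary: `guard_signed_char(0x80)` rejects the byte while `guard_unsigned_char(0x80)` accepts it. The fix is not to pick a signedness but to stop relying on it, which is what `decode_char_safe` does by widening to unsigned char and comparing against the table bound.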
| CWE | CWE-125 CWE-758 |
| Vendor | freerdp |
| Product | freerdp |
| Published | Jan 14, 2026 |
| Last Updated | Jun 30, 2026 |
Affected Versions
FreeRDP / FreeRDP
< 3.20.1
References
- github.com: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qmqf-m84q-x896
- github.com: https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1
- access.redhat.com: https://access.redhat.com/security/cve/CVE-2026-22858
- bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2429649
- security.access.redhat.com: https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22858.json
- access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4471
- access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4121
- access.redhat.com: https://access.redhat.com/errata/RHSA-2026:3068
- access.redhat.com: https://access.redhat.com/errata/RHSA-2026:19033
- access.redhat.com: https://access.redhat.com/errata/RHSA-2026:3334
- access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4433
- access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4439
- access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4446
- access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4440
- access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4489
- access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4437
- access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4438
- access.redhat.com: https://access.redhat.com/errata/RHSA-2026:3975
- access.redhat.com: https://access.redhat.com/errata/RHSA-2026:3067