CVE-2026-22859
FreeRDP has a heap-buffer-overflow in urb_select_configuration
| CVSS Score | 7.4 |
| EPSS Score | 0.0% |
| EPSS Percentile | 0th |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSB_INTERFACE_DESCRIPTOR values and uses them as indices in libusb_udev_complete_msconfig_setup, causing an out‑of‑bounds read. This vulnerability is fixed in 3.20.1.
| CWE | CWE-125 CWE-129 |
| Vendor | freerdp |
| Product | freerdp |
| Published | Jan 14, 2026 |
| Last Updated | Jun 30, 2026 |
Affected Versions
FreeRDP / FreeRDP
< 3.20.1
References
github.com: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-56f5-76qv-2r36
github.com: https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1
access.redhat.com: https://access.redhat.com/security/cve/CVE-2026-22859
bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2429653
security.access.redhat.com: https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22859.json
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4471
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4121
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:3068
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:19033
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:3334
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4433
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4439
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4446
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4440
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4489
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4437
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4438
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:3975
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:3067