CVE-2026-57158
FreeRDP planar_decompress_plane_rle_only: heap OOB read โ incomplete fix for CVE-2026-23530
CVSS Score
0.0
EPSS Score
0.7%
EPSS Percentile
49th
FreeRDP is a free implementation of the Remote Desktop Protocol. From 3.21.0 before 3.28.0, FreeRDP clients using the GFX pipeline contain an incomplete fix for CVE-2026-23530 in planar_decompress_plane_rle_only in libfreerdp/codec/planar.c, allowing a malicious RDP server to send a truncated RDPGFX_CMDID_WIRETOSURFACE_1 planar payload that reads one byte past the input buffer. This issue is fixed in version 3.28.0.
| CWE | CWE-125 |
| Vendor | freerdp |
| Product | freerdp |
| Published | Jul 10, 2026 |
| Last Updated | Jul 14, 2026 |
Stay Ahead of the Next One
Get instant alerts for freerdp freerdp
Be the first to know when new unknown vulnerabilities affecting freerdp freerdp are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
FreeRDP / FreeRDP
>= 3.21.0, < 3.28.0
References
github.com: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mp3f-59pg-c5pp github.com: https://github.com/FreeRDP/FreeRDP/pull/12952 github.com: https://github.com/FreeRDP/FreeRDP/commit/a7e797626fcb7f1d556ce63febb84f9f4a822731 github.com: https://github.com/FreeRDP/FreeRDP/releases/tag/3.28.0