Heap-use-after-free Vulnerability in FreeRDP Remote Desktop Protocol Implementation
CVE-2026-27950

5.5MEDIUM

Key Information:

Vendor

Freerdp

Status
Freerdp
Vendor
CVE Published:
25 February 2026

What is CVE-2026-27950?

FreeRDP, a free implementation of the Remote Desktop Protocol, contains a heap-use-after-free vulnerability in its SDL2 implementation. Prior to version 3.23.0, the fix for this issue was incomplete as the vulnerable execution flow referenced in the advisory still exists in the SDL2 code path. Specifically, the pointer in the SDL2 implementation is not nullified after being freed, allowing for a situation where the advisory incorrectly suggests that the vulnerability is fully resolved. Environments still utilizing SDL2 may be exposed to this unresolved vulnerability, while the complete fix is available in version 3.23.0.

Affected Version(s)

FreeRDP < 3.23.0

References

https://github.com/FreeRDP/FreeRDP/security/advisories/GH...
x_refsource_CONFIRM
https://github.com/FreeRDP/FreeRDP/commit/5f62aa11c1bdf00...
x_refsource_MISC
https://github.com/FreeRDP/FreeRDP/commit/c42ecbd183b001e...
x_refsource_MISC

CVSS V4

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.