Message Authentication Code Vulnerability in xrdp by Neutrinolabs
CVE-2026-32105
9.3 CRITICAL
What is CVE-2026-32105?
The xrdp open source RDP server does not verify the Message Authentication Code (MAC) signature of encrypted RDP packets when the Classic RDP Security layer is in use. The sender generates the signature correctly, but the receiver never validates the 8-byte integrity signature. An unauthenticated attacker with man-in-the-middle (MITM) capabilities can therefore modify traffic without detection. Users are advised to upgrade to version 0.10.6, where this issue is resolved. If an immediate upgrade is not possible, modify the xrdp.ini file to enforce TLS security so that end-to-end integrity is maintained.
Affected Version(s)
xrdp < 0.10.6
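
An added example (not part of the advisory or the xrdp project) that audits a host for the two remediation steps above: the installed version against 0.10.6, and whether xrdp.ini enforces TLS. The key name `security_layer`, its value `tls` and the `[Globals]` section are taken from xrdp's stock configuration file rather than from this page; the function names and the sample file are constructed for illustration.

```python
import re

FIXED = (0, 10, 6)  # first fixed release according to the advisory

def is_affected(version: str) -> bool:
    """True when an xrdp version string is older than the fixed release."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(p) for p in m.groups()) < FIXED

def security_layers(ini_text: str) -> list:
    """Every security_layer value assigned in the [Globals] section."""
    section, values = None, []
    for raw in ini_text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#":
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "globals" and "=" in line:
            key, _, val = line.partition("=")
            if key.strip().lower() == "security_layer":
                values.append(val.strip().lower())
    return values

def audit(version: str, ini_text: str) -> list:
    """Findings for one host; an empty list means no action is needed."""
    if not is_affected(version):
        return []
    findings = [f"xrdp {version} is older than 0.10.6: upgrade"]
    layers = security_layers(ini_text)
    # Conservative: unset, or any value other than "tls", counts as not enforced.
    if not layers or any(v != "tls" for v in layers):
        shown = ", ".join(layers) or "(unset)"
        findings.append(f"security_layer={shown}: TLS is not enforced")
    return findings

# Constructed sample input, not taken from a real host.
SAMPLE_INI = """\
[Globals]
; constructed example
port=3389
security_layer=negotiate
[Xorg]
name=Xorg
"""
if __name__ == "__main__":
    print("\n".join(audit("0.10.5", SAMPLE_INI)))
```
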
