CVE-2026-44420 | FreeRDP up to 3.25.x CB_CLIP_CAPS PDU capabilitySetLength heap-based overflow (GHSA-mvpx-xj7r-3p3r)

A vulnerability, which was classified as critical, was found in FreeRDP up to 3.25.x. This impacts an unknown function of the component CB_CLIP_CAPS PDU Handler. Such manipulation of the argument capabilitySetLength leads to heap-based buffer overflow.

This vulnerability is documented as CVE-2026-44420. The attack can be executed remotely. There is not any exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More