Vulnerability-Lookup

SUSE-SU-2026:0449-1

Vulnerability from csaf_suse - Published: 2026-02-11 14:53 - Updated: 2026-02-11 14:53

Summary

Security update for freerdp2

Notes

Title of the patch

Security update for freerdp2

Description of the patch

This update for freerdp2 fixes the following issues: - CVE-2026-22852: a malicious RDP server can trigger a heap-buffer-overflow in audin_process_formats (bsc#1256718). - CVE-2026-22854: server-controlled read length is used to read file data into an IRP output can cause heap-buffer-overflow in drive_process_irp_read (bsc#1256720). - CVE-2026-22856: race condition in the serial channel IRP thread tracking can cause heap-use-after-free in create_irp_thread(bsc#1256722). - CVE-2026-22859: improper bound check can lead to heap-buffer-overflow in urb_select_configuration (bsc#1256725). - CVE-2026-23530: improper validation can lead to heap buffer overflow in `planar_decompress_plane_rle` (bsc#1256940). - CVE-2026-23531: improper validation in `clear_decompress` can lead to heap buffer overflow (bsc#1256941). - CVE-2026-23532: mismatch between destination rectangle clamping and the actual copy size can lead to a heap buffer overflow in `gdi_SurfaceToSurface` (bsc#1256942). - CVE-2026-23534: missing checks can lead to heap buffer overflow in `clear_decompress_bands_data` (bsc#1256944).

Patchnames

SUSE-2026-449,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-449,SUSE-SLE-Product-WE-15-SP7-2026-449

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for freerdp2",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for freerdp2 fixes the following issues:\n\n- CVE-2026-22852: a  malicious RDP server can trigger a heap-buffer-overflow in audin_process_formats (bsc#1256718).\n- CVE-2026-22854: server-controlled read length is used to read file data into an IRP output can cause\n  heap-buffer-overflow in drive_process_irp_read (bsc#1256720).\n- CVE-2026-22856: race condition in the serial channel IRP thread tracking can cause heap-use-after-free\n  in create_irp_thread(bsc#1256722).\n- CVE-2026-22859: improper bound check can lead to heap-buffer-overflow in urb_select_configuration (bsc#1256725).\n- CVE-2026-23530: improper validation can lead to heap buffer overflow in `planar_decompress_plane_rle` (bsc#1256940).\n- CVE-2026-23531: improper validation in `clear_decompress` can lead to heap buffer overflow (bsc#1256941).\n- CVE-2026-23532: mismatch between destination rectangle clamping and the actual copy size can lead to a heap buffer\n  overflow in `gdi_SurfaceToSurface` (bsc#1256942).\n- CVE-2026-23534: missing checks can lead to heap buffer overflow in `clear_decompress_bands_data` (bsc#1256944).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2026-449,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-449,SUSE-SLE-Product-WE-15-SP7-2026-449",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0449-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2026:0449-1",
        "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260449-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2026:0449-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024126.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1256718",
        "url": "https://bugzilla.suse.com/1256718"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1256720",
        "url": "https://bugzilla.suse.com/1256720"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1256722",
        "url": "https://bugzilla.suse.com/1256722"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1256725",
        "url": "https://bugzilla.suse.com/1256725"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1256940",
        "url": "https://bugzilla.suse.com/1256940"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1256941",
        "url": "https://bugzilla.suse.com/1256941"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1256942",
        "url": "https://bugzilla.suse.com/1256942"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1256944",
        "url": "https://bugzilla.suse.com/1256944"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-22852 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-22852/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-22854 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-22854/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-22856 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-22856/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-22859 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-22859/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23530 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23530/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23531 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23531/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23532 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23532/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23534 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23534/"
      }
    ],
    "title": "Security update for freerdp2",
    "tracking": {
      "current_release_date": "2026-02-11T14:53:55Z",
      "generator": {
        "date": "2026-02-11T14:53:55Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2026:0449-1",
      "initial_release_date": "2026-02-11T14:53:55Z",
      "revision_history": [
        {
          "date": "2026-02-11T14:53:55Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "freerdp2-2.11.7-150700.3.3.1.aarch64",
                "product": {
                  "name": "freerdp2-2.11.7-150700.3.3.1.aarch64",
                  "product_id": "freerdp2-2.11.7-150700.3.3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "freerdp2-devel-2.11.7-150700.3.3.1.aarch64",
                "product": {
                  "name": "freerdp2-devel-2.11.7-150700.3.3.1.aarch64",
                  "product_id": "freerdp2-devel-2.11.7-150700.3.3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "freerdp2-proxy-2.11.7-150700.3.3.1.aarch64",
                "product": {
                  "name": "freerdp2-proxy-2.11.7-150700.3.3.1.aarch64",
                  "product_id": "freerdp2-proxy-2.11.7-150700.3.3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "freerdp2-server-2.11.7-150700.3.3.1.aarch64",
                "product": {
                  "name": "freerdp2-server-2.11.7-150700.3.3.1.aarch64",
                  "product_id": "freerdp2-server-2.11.7-150700.3.3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libfreerdp2-2-2.11.7-150700.3.3.1.aarch64",
                "product": {
                  "name": "libfreerdp2-2-2.11.7-150700.3.3.1.aarch64",
                  "product_id": "libfreerdp2-2-2.11.7-150700.3.3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libwinpr2-2-2.11.7-150700.3.3.1.aarch64",
                "product": {
                  "name": "libwinpr2-2-2.11.7-150700.3.3.1.aarch64",
                  "product_id": "libwinpr2-2-2.11.7-150700.3.3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "winpr2-devel-2.11.7-150700.3.3.1.aarch64",
                "product": {
                  "name": "winpr2-devel-2.11.7-150700.3.3.1.aarch64",
                  "product_id": "winpr2-devel-2.11.7-150700.3.3.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "freerdp2-2.11.7-150700.3.3.1.i586",
                "product": {
                  "name": "freerdp2-2.11.7-150700.3.3.1.i586",
                  "product_id": "freerdp2-2.11.7-150700.3.3.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "freerdp2-devel-2.11.7-150700.3.3.1.i586",
                "product": {
                  "name": "freerdp2-devel-2.11.7-150700.3.3.1.i586",
                  "product_id": "freerdp2-devel-2.11.7-150700.3.3.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "freerdp2-proxy-2.11.7-150700.3.3.1.i586",
                "product": {
                  "name": "freerdp2-proxy-2.11.7-150700.3.3.1.i586",
                  "product_id": "freerdp2-proxy-2.11.7-150700.3.3.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "freerdp2-server-2.11.7-150700.3.3.1.i586",
                "product": {
                  "name": "freerdp2-server-2.11.7-150700.3.3.1.i586",
                  "product_id": "freerdp2-server-2.11.7-150700.3.3.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "libfreerdp2-2-2.11.7-150700.3.3.1.i586",
                "product": {
                  "name": "libfreerdp2-2-2.11.7-150700.3.3.1.i586",
                  "product_id": "libfreerdp2-2-2.11.7-150700.3.3.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "libwinpr2-2-2.11.7-150700.3.3.1.i586",
                "product": {
                  "name": "libwinpr2-2-2.11.7-150700.3.3.1.i586",
                  "product_id": "libwinpr2-2-2.11.7-150700.3.3.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "winpr2-devel-2.11.7-150700.3.3.1.i586",
                "product": {
                  "name": "winpr2-devel-2.11.7-150700.3.3.1.i586",
                  "product_id": "winpr2-devel-2.11.7-150700.3.3.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "freerdp2-2.11.7-150700.3.3.1.ppc64le",
                "product": {
                  "name": "freerdp2-2.11.7-150700.3.3.1.ppc64le",
                  "product_id": "freerdp2-2.11.7-150700.3.3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "freerdp2-devel-2.11.7-150700.3.3.1.ppc64le",
                "product": {
                  "name": "freerdp2-devel-2.11.7-150700.3.3.1.ppc64le",
                  "product_id": "freerdp2-devel-2.11.7-150700.3.3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "freerdp2-proxy-2.11.7-150700.3.3.1.ppc64le",
                "product": {
                  "name": "freerdp2-proxy-2.11.7-150700.3.3.1.ppc64le",
                  "product_id": "freerdp2-proxy-2.11.7-150700.3.3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "freerdp2-server-2.11.7-150700.3.3.1.ppc64le",
                "product": {
                  "name": "freerdp2-server-2.11.7-150700.3.3.1.ppc64le",
                  "product_id": "freerdp2-server-2.11.7-150700.3.3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libfreerdp2-2-2.11.7-150700.3.3.1.ppc64le",
                "product": {
                  "name": "libfreerdp2-2-2.11.7-150700.3.3.1.ppc64le",
                  "product_id": "libfreerdp2-2-2.11.7-150700.3.3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libwinpr2-2-2.11.7-150700.3.3.1.ppc64le",
                "product": {
                  "name": "libwinpr2-2-2.11.7-150700.3.3.1.ppc64le",
                  "product_id": "libwinpr2-2-2.11.7-150700.3.3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
                "product": {
                  "name": "winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
                  "product_id": "winpr2-devel-2.11.7-150700.3.3.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "freerdp2-2.11.7-150700.3.3.1.s390x",
                "product": {
                  "name": "freerdp2-2.11.7-150700.3.3.1.s390x",
                  "product_id": "freerdp2-2.11.7-150700.3.3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "freerdp2-devel-2.11.7-150700.3.3.1.s390x",
                "product": {
                  "name": "freerdp2-devel-2.11.7-150700.3.3.1.s390x",
                  "product_id": "freerdp2-devel-2.11.7-150700.3.3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "freerdp2-proxy-2.11.7-150700.3.3.1.s390x",
                "product": {
                  "name": "freerdp2-proxy-2.11.7-150700.3.3.1.s390x",
                  "product_id": "freerdp2-proxy-2.11.7-150700.3.3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "freerdp2-server-2.11.7-150700.3.3.1.s390x",
                "product": {
                  "name": "freerdp2-server-2.11.7-150700.3.3.1.s390x",
                  "product_id": "freerdp2-server-2.11.7-150700.3.3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libfreerdp2-2-2.11.7-150700.3.3.1.s390x",
                "product": {
                  "name": "libfreerdp2-2-2.11.7-150700.3.3.1.s390x",
                  "product_id": "libfreerdp2-2-2.11.7-150700.3.3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libwinpr2-2-2.11.7-150700.3.3.1.s390x",
                "product": {
                  "name": "libwinpr2-2-2.11.7-150700.3.3.1.s390x",
                  "product_id": "libwinpr2-2-2.11.7-150700.3.3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "winpr2-devel-2.11.7-150700.3.3.1.s390x",
                "product": {
                  "name": "winpr2-devel-2.11.7-150700.3.3.1.s390x",
                  "product_id": "winpr2-devel-2.11.7-150700.3.3.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "freerdp2-2.11.7-150700.3.3.1.x86_64",
                "product": {
                  "name": "freerdp2-2.11.7-150700.3.3.1.x86_64",
                  "product_id": "freerdp2-2.11.7-150700.3.3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
                "product": {
                  "name": "freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
                  "product_id": "freerdp2-devel-2.11.7-150700.3.3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
                "product": {
                  "name": "freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
                  "product_id": "freerdp2-proxy-2.11.7-150700.3.3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "freerdp2-server-2.11.7-150700.3.3.1.x86_64",
                "product": {
                  "name": "freerdp2-server-2.11.7-150700.3.3.1.x86_64",
                  "product_id": "freerdp2-server-2.11.7-150700.3.3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
                "product": {
                  "name": "libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
                  "product_id": "libfreerdp2-2-2.11.7-150700.3.3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
                "product": {
                  "name": "libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
                  "product_id": "libwinpr2-2-2.11.7-150700.3.3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "winpr2-devel-2.11.7-150700.3.3.1.x86_64",
                "product": {
                  "name": "winpr2-devel-2.11.7-150700.3.3.1.x86_64",
                  "product_id": "winpr2-devel-2.11.7-150700.3.3.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
                  "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:packagehub:15:sp7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Workstation Extension 15 SP7",
                "product": {
                  "name": "SUSE Linux Enterprise Workstation Extension 15 SP7",
                  "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-we:15:sp7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "winpr2-devel-2.11.7-150700.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.aarch64"
        },
        "product_reference": "winpr2-devel-2.11.7-150700.3.3.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "winpr2-devel-2.11.7-150700.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.ppc64le"
        },
        "product_reference": "winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "winpr2-devel-2.11.7-150700.3.3.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.s390x"
        },
        "product_reference": "winpr2-devel-2.11.7-150700.3.3.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp2-2.11.7-150700.3.3.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
          "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.3.1.x86_64"
        },
        "product_reference": "freerdp2-2.11.7-150700.3.3.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp2-devel-2.11.7-150700.3.3.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
          "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.3.1.x86_64"
        },
        "product_reference": "freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp2-proxy-2.11.7-150700.3.3.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
          "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.3.1.x86_64"
        },
        "product_reference": "freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp2-server-2.11.7-150700.3.3.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
          "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.3.1.x86_64"
        },
        "product_reference": "freerdp2-server-2.11.7-150700.3.3.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libfreerdp2-2-2.11.7-150700.3.3.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
          "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.3.1.x86_64"
        },
        "product_reference": "libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libwinpr2-2-2.11.7-150700.3.3.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
          "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.3.1.x86_64"
        },
        "product_reference": "libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "winpr2-devel-2.11.7-150700.3.3.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
          "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.x86_64"
        },
        "product_reference": "winpr2-devel-2.11.7-150700.3.3.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-22852",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-22852"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format lists. audin_process_formats reuses callback-\u003eformats_count across multiple MSG_SNDIN_FORMATS PDUs and writes past the newly allocated formats array, causing memory corruption and a crash. This vulnerability is fixed in 3.20.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-22852",
          "url": "https://www.suse.com/security/cve/CVE-2026-22852"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1256718 for CVE-2026-22852",
          "url": "https://bugzilla.suse.com/1256718"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-02-11T14:53:55Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-22852"
    },
    {
      "cve": "CVE-2026-22854",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-22854"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory. This vulnerability is fixed in 3.20.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-22854",
          "url": "https://www.suse.com/security/cve/CVE-2026-22854"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1256720 for CVE-2026-22854",
          "url": "https://bugzilla.suse.com/1256720"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-02-11T14:53:55Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-22854"
    },
    {
      "cve": "CVE-2026-22856",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-22856"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race in the serial channel IRP thread tracking allows a heap use-after-free when one thread removes an entry from serial-\u003eIrpThreads while another reads it. This vulnerability is fixed in 3.20.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-22856",
          "url": "https://www.suse.com/security/cve/CVE-2026-22856"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1256722 for CVE-2026-22856",
          "url": "https://bugzilla.suse.com/1256722"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-02-11T14:53:55Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-22856"
    },
    {
      "cve": "CVE-2026-22859",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-22859"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server-supplied MSUSB_INTERFACE_DESCRIPTOR values and uses them as indices in libusb_udev_complete_msconfig_setup, causing an out-of-bounds read. This vulnerability is fixed in 3.20.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-22859",
          "url": "https://www.suse.com/security/cve/CVE-2026-22859"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1256725 for CVE-2026-22859",
          "url": "https://bugzilla.suse.com/1256725"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-02-11T14:53:55Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2026-22859"
    },
    {
      "cve": "CVE-2026-23530",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23530"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0,`freerdp_bitmap_decompress_planar` does not validate `nSrcWidth`/`nSrcHeight` against `planar-\u003emaxWidth`/`maxHeight` before RLE decode. A malicious server can trigger a client-side heap buffer overflow, causing a crash (DoS) and potential heap corruption with code-execution risk depending on allocator behavior and surrounding heap layout. Version 3.21.0 contains a patch for the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23530",
          "url": "https://www.suse.com/security/cve/CVE-2026-23530"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1256940 for CVE-2026-23530",
          "url": "https://bugzilla.suse.com/1256940"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-02-11T14:53:55Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23530"
    },
    {
      "cve": "CVE-2026-23531",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23531"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, in ClearCodec, when `glyphData` is present, `clear_decompress` calls `freerdp_image_copy_no_overlap` without validating the destination rectangle, allowing an out-of-bounds read/write via crafted RDPGFX surface updates. A malicious server can trigger a client-side heap buffer overflow, causing a crash (DoS) and potential heap corruption with code-execution risk depending on allocator behavior and surrounding heap layout. Version 3.21.0 contains a patch for the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23531",
          "url": "https://www.suse.com/security/cve/CVE-2026-23531"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1256941 for CVE-2026-23531",
          "url": "https://bugzilla.suse.com/1256941"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-02-11T14:53:55Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23531"
    },
    {
      "cve": "CVE-2026-23532",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23532"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the  FreeRDP client\u0027s `gdi_SurfaceToSurface` path due to a mismatch between destination rectangle clamping and the actual copy size. A malicious server can trigger a client-side heap buffer overflow, causing a crash (DoS) and potential heap corruption with code-execution risk depending on allocator behavior and surrounding heap layout. Version 3.21.0 contains a patch for the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23532",
          "url": "https://www.suse.com/security/cve/CVE-2026-23532"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1256942 for CVE-2026-23532",
          "url": "https://bugzilla.suse.com/1256942"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-02-11T14:53:55Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23532"
    },
    {
      "cve": "CVE-2026-23534",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23534"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the ClearCodec bands decode path when crafted band coordinates allow writes past the end of the destination surface buffer. A malicious server can trigger a client-side heap buffer overflow, causing a crash (DoS) and potential heap corruption with code-execution risk depending on allocator behavior and surrounding heap layout. Version 3.21.0 contains a patch for the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.s390x",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23534",
          "url": "https://www.suse.com/security/cve/CVE-2026-23534"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1256944 for CVE-2026-23534",
          "url": "https://bugzilla.suse.com/1256944"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.s390x",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.3.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-02-11T14:53:55Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23534"
    }
  ]
}

CVE-2026-22856 (GCVE-0-2026-22856)

Vulnerability from cvelistv5 – Published: 2026-01-14 17:53 – Updated: 2026-01-16 04:55

Title

FreeRDP has a heap-use-after-free in create_irp_thread

Summary

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race in the serial channel IRP thread tracking allows a heap use‑after‑free when one thread removes an entry from serial->IrpThreads while another reads it. This vulnerability is fixed in 3.20.1.

Severity ?

6.8 (Medium)


                        
                          CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

CWE

CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-416 - Use After Free

Assigner

GitHub_M

References

URL

Tags

	https://github.com/FreeRDP/FreeRDP/security/advis…	x_refsource_CONFIRM
	https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	FreeRDP	FreeRDP	Affected: < 3.20.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-22856",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-15T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-16T04:55:49.425Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "FreeRDP",
          "vendor": "FreeRDP",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 3.20.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race in the serial channel IRP thread tracking allows a heap use\u2011after\u2011free when one thread removes an entry from serial-\u003eIrpThreads while another reads it. This vulnerability is fixed in 3.20.1."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "PASSIVE",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-362",
              "description": "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416: Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-14T17:53:04.756Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-w842-c386-fxhv",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-w842-c386-fxhv"
        },
        {
          "name": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
        }
      ],
      "source": {
        "advisory": "GHSA-w842-c386-fxhv",
        "discovery": "UNKNOWN"
      },
      "title": "FreeRDP has a heap-use-after-free in create_irp_thread"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-22856",
    "datePublished": "2026-01-14T17:53:04.756Z",
    "dateReserved": "2026-01-12T16:20:16.746Z",
    "dateUpdated": "2026-01-16T04:55:49.425Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-23530 (GCVE-0-2026-23530)

Vulnerability from cvelistv5 – Published: 2026-01-19 16:58 – Updated: 2026-01-20 21:36

Title

FreeRDP has heap-buffer-overflow in planar_decompress_plane_rle

Summary

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0,`freerdp_bitmap_decompress_planar` does not validate `nSrcWidth`/`nSrcHeight` against `planar->maxWidth`/`maxHeight` before RLE decode. A malicious server can trigger a client‑side heap buffer overflow, causing a crash (DoS) and potential heap corruption with code‑execution risk depending on allocator behavior and surrounding heap layout. Version 3.21.0 contains a patch for the issue.

Severity ?

7.7 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P

CWE

CWE-122 - Heap-based Buffer Overflow

Assigner

GitHub_M

References

URL

Tags

	https://github.com/FreeRDP/FreeRDP/security/advis…	x_refsource_CONFIRM
	https://github.com/FreeRDP/FreeRDP/blob/38514dfa5…	x_refsource_MISC
	https://github.com/FreeRDP/FreeRDP/blob/38514dfa5…	x_refsource_MISC
	https://github.com/FreeRDP/FreeRDP/blob/38514dfa5…	x_refsource_MISC
	https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	FreeRDP	FreeRDP	Affected: < 3.21.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-23530",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-20T21:36:24.283241Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-20T21:36:30.982Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "FreeRDP",
          "vendor": "FreeRDP",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 3.21.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0,`freerdp_bitmap_decompress_planar` does not validate `nSrcWidth`/`nSrcHeight` against `planar-\u003emaxWidth`/`maxHeight` before RLE decode. A malicious server can trigger a client\u2011side heap buffer overflow, causing a crash (DoS) and potential heap corruption with code\u2011execution risk depending on allocator behavior and surrounding heap layout. Version 3.21.0 contains a patch for the issue."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122: Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-19T17:18:45.760Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-r4hv-852m-fq7p",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-r4hv-852m-fq7p"
        },
        {
          "name": "https://github.com/FreeRDP/FreeRDP/blob/38514dfa5813aa945a86cfbcec279033f8394468/libfreerdp/codec/planar.c#L1689-L1696",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/FreeRDP/FreeRDP/blob/38514dfa5813aa945a86cfbcec279033f8394468/libfreerdp/codec/planar.c#L1689-L1696"
        },
        {
          "name": "https://github.com/FreeRDP/FreeRDP/blob/38514dfa5813aa945a86cfbcec279033f8394468/libfreerdp/codec/planar.c#L1713-L1716",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/FreeRDP/FreeRDP/blob/38514dfa5813aa945a86cfbcec279033f8394468/libfreerdp/codec/planar.c#L1713-L1716"
        },
        {
          "name": "https://github.com/FreeRDP/FreeRDP/blob/38514dfa5813aa945a86cfbcec279033f8394468/libfreerdp/codec/planar.c#L951-L953",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/FreeRDP/FreeRDP/blob/38514dfa5813aa945a86cfbcec279033f8394468/libfreerdp/codec/planar.c#L951-L953"
        },
        {
          "name": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0"
        }
      ],
      "source": {
        "advisory": "GHSA-r4hv-852m-fq7p",
        "discovery": "UNKNOWN"
      },
      "title": "FreeRDP has heap-buffer-overflow in planar_decompress_plane_rle"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-23530",
    "datePublished": "2026-01-19T16:58:46.712Z",
    "dateReserved": "2026-01-13T18:22:43.981Z",
    "dateUpdated": "2026-01-20T21:36:30.982Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-23531 (GCVE-0-2026-23531)

Vulnerability from cvelistv5 – Published: 2026-01-19 17:01 – Updated: 2026-01-20 21:37

Title

FreeRDP has heap-buffer-overflow in clear_decompress

Summary

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, in ClearCodec, when `glyphData` is present, `clear_decompress` calls `freerdp_image_copy_no_overlap` without validating the destination rectangle, allowing an out-of-bounds read/write via crafted RDPGFX surface updates. A malicious server can trigger a client‑side heap buffer overflow, causing a crash (DoS) and potential heap corruption with code‑execution risk depending on allocator behavior and surrounding heap layout. Version 3.21.0 contains a patch for the issue.

Severity ?

7.7 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P

CWE

CWE-122 - Heap-based Buffer Overflow

Assigner

GitHub_M

References

URL

Tags

	https://github.com/FreeRDP/FreeRDP/security/advis…	x_refsource_CONFIRM
	https://github.com/FreeRDP/FreeRDP/blob/38514dfa5…	x_refsource_MISC
	https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	FreeRDP	FreeRDP	Affected: < 3.21.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-23531",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-20T21:37:06.179601Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-20T21:37:13.986Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "FreeRDP",
          "vendor": "FreeRDP",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 3.21.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, in ClearCodec, when `glyphData` is present, `clear_decompress` calls `freerdp_image_copy_no_overlap` without validating the destination rectangle, allowing an out-of-bounds read/write via crafted RDPGFX surface updates. A malicious server can trigger a client\u2011side heap buffer overflow, causing a crash (DoS) and potential heap corruption with code\u2011execution risk depending on allocator behavior and surrounding heap layout. Version 3.21.0 contains a patch for the issue."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122: Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-19T17:01:01.380Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-xj5h-9cr5-23c5",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-xj5h-9cr5-23c5"
        },
        {
          "name": "https://github.com/FreeRDP/FreeRDP/blob/38514dfa5813aa945a86cfbcec279033f8394468/libfreerdp/codec/clear.c#L1139-L1145",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/FreeRDP/FreeRDP/blob/38514dfa5813aa945a86cfbcec279033f8394468/libfreerdp/codec/clear.c#L1139-L1145"
        },
        {
          "name": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0"
        }
      ],
      "source": {
        "advisory": "GHSA-xj5h-9cr5-23c5",
        "discovery": "UNKNOWN"
      },
      "title": "FreeRDP has heap-buffer-overflow in clear_decompress"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-23531",
    "datePublished": "2026-01-19T17:01:01.380Z",
    "dateReserved": "2026-01-13T18:22:43.981Z",
    "dateUpdated": "2026-01-20T21:37:13.986Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-23534 (GCVE-0-2026-23534)

Vulnerability from cvelistv5 – Published: 2026-01-19 17:09 – Updated: 2026-01-20 14:42

Title

FreeRDP has heap-buffer-overflow in clear_decompress_bands_data

Summary

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the ClearCodec bands decode path when crafted band coordinates allow writes past the end of the destination surface buffer. A malicious server can trigger a client‑side heap buffer overflow, causing a crash (DoS) and potential heap corruption with code‑execution risk depending on allocator behavior and surrounding heap layout. Version 3.21.0 contains a patch for the issue.

Severity ?

7.7 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P

CWE

CWE-122 - Heap-based Buffer Overflow

Assigner

GitHub_M

References

URL

Tags

	https://github.com/FreeRDP/FreeRDP/security/advis…	x_refsource_CONFIRM
	https://github.com/FreeRDP/FreeRDP/blob/38514dfa5…	x_refsource_MISC
	https://github.com/FreeRDP/FreeRDP/blob/38514dfa5…	x_refsource_MISC
	https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	FreeRDP	FreeRDP	Affected: < 3.21.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-23534",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-20T14:42:05.964862Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-20T14:42:31.717Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "FreeRDP",
          "vendor": "FreeRDP",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 3.21.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the ClearCodec bands decode path when crafted band coordinates allow writes past the end of the destination surface buffer. A malicious server can trigger a client\u2011side heap buffer overflow, causing a crash (DoS) and potential heap corruption with code\u2011execution risk depending on allocator behavior and surrounding heap layout. Version 3.21.0 contains a patch for the issue."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122: Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-19T17:09:55.715Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-3frr-mp8w-4599",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-3frr-mp8w-4599"
        },
        {
          "name": "https://github.com/FreeRDP/FreeRDP/blob/38514dfa5813aa945a86cfbcec279033f8394468/libfreerdp/codec/clear.c#L878-L879",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/FreeRDP/FreeRDP/blob/38514dfa5813aa945a86cfbcec279033f8394468/libfreerdp/codec/clear.c#L878-L879"
        },
        {
          "name": "https://github.com/FreeRDP/FreeRDP/blob/38514dfa5813aa945a86cfbcec279033f8394468/libfreerdp/codec/clear.c#L883-L884",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/FreeRDP/FreeRDP/blob/38514dfa5813aa945a86cfbcec279033f8394468/libfreerdp/codec/clear.c#L883-L884"
        },
        {
          "name": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0"
        }
      ],
      "source": {
        "advisory": "GHSA-3frr-mp8w-4599",
        "discovery": "UNKNOWN"
      },
      "title": "FreeRDP has heap-buffer-overflow in clear_decompress_bands_data"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-23534",
    "datePublished": "2026-01-19T17:09:55.715Z",
    "dateReserved": "2026-01-13T18:22:43.981Z",
    "dateUpdated": "2026-01-20T14:42:31.717Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-22852 (GCVE-0-2026-22852)

Vulnerability from cvelistv5 – Published: 2026-01-14 17:45 – Updated: 2026-01-16 04:55

Title

FreeRDP has a heap-buffer-overflow in audin_process_formats

Summary

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format lists. audin_process_formats reuses callback->formats_count across multiple MSG_SNDIN_FORMATS PDUs and writes past the newly allocated formats array, causing memory corruption and a crash. This vulnerability is fixed in 3.20.1.

Severity ?

6.8 (Medium)


                        
                          CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

CWE

CWE-787 - Out-of-bounds Write

Assigner

GitHub_M

References

URL

Tags

	https://github.com/FreeRDP/FreeRDP/security/advis…	x_refsource_CONFIRM
	https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	FreeRDP	FreeRDP	Affected: < 3.20.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-22852",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-15T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-16T04:55:46.208Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "FreeRDP",
          "vendor": "FreeRDP",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 3.20.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format lists. audin_process_formats reuses callback-\u003eformats_count across multiple MSG_SNDIN_FORMATS PDUs and writes past the newly allocated formats array, causing memory corruption and a crash. This vulnerability is fixed in 3.20.1."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "PASSIVE",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787: Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-14T17:45:22.253Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9chc-g79v-4qq4",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9chc-g79v-4qq4"
        },
        {
          "name": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
        }
      ],
      "source": {
        "advisory": "GHSA-9chc-g79v-4qq4",
        "discovery": "UNKNOWN"
      },
      "title": "FreeRDP has a heap-buffer-overflow in audin_process_formats"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-22852",
    "datePublished": "2026-01-14T17:45:22.253Z",
    "dateReserved": "2026-01-12T16:20:16.745Z",
    "dateUpdated": "2026-01-16T04:55:46.208Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-23532 (GCVE-0-2026-23532)

Vulnerability from cvelistv5 – Published: 2026-01-19 17:03 – Updated: 2026-01-20 21:37

Title

FreeRDP has heap-buffer-overflow in gdi_SurfaceToSurface

Summary

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the FreeRDP client’s `gdi_SurfaceToSurface` path due to a mismatch between destination rectangle clamping and the actual copy size. A malicious server can trigger a client‑side heap buffer overflow, causing a crash (DoS) and potential heap corruption with code‑execution risk depending on allocator behavior and surrounding heap layout. Version 3.21.0 contains a patch for the issue.

Severity ?

7.7 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P

CWE

CWE-122 - Heap-based Buffer Overflow

Assigner

GitHub_M

References

URL

Tags

	https://github.com/FreeRDP/FreeRDP/security/advis…	x_refsource_CONFIRM
	https://github.com/FreeRDP/FreeRDP/blob/38514dfa5…	x_refsource_MISC
	https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	FreeRDP	FreeRDP	Affected: < 3.21.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-23532",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-20T21:37:47.185394Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-20T21:37:53.418Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "FreeRDP",
          "vendor": "FreeRDP",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 3.21.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the  FreeRDP client\u2019s `gdi_SurfaceToSurface` path due to a mismatch between destination rectangle clamping and the actual copy size. A malicious server can trigger a client\u2011side heap buffer overflow, causing a crash (DoS) and potential heap corruption with code\u2011execution risk depending on allocator behavior and surrounding heap layout. Version 3.21.0 contains a patch for the issue."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122: Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-19T17:03:51.328Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-fq8c-87hj-7gvr",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-fq8c-87hj-7gvr"
        },
        {
          "name": "https://github.com/FreeRDP/FreeRDP/blob/38514dfa5813aa945a86cfbcec279033f8394468/libfreerdp/gdi/gfx.c#L1368-L1382",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/FreeRDP/FreeRDP/blob/38514dfa5813aa945a86cfbcec279033f8394468/libfreerdp/gdi/gfx.c#L1368-L1382"
        },
        {
          "name": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0"
        }
      ],
      "source": {
        "advisory": "GHSA-fq8c-87hj-7gvr",
        "discovery": "UNKNOWN"
      },
      "title": "FreeRDP has heap-buffer-overflow in gdi_SurfaceToSurface"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-23532",
    "datePublished": "2026-01-19T17:03:51.328Z",
    "dateReserved": "2026-01-13T18:22:43.981Z",
    "dateUpdated": "2026-01-20T21:37:53.418Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-22854 (GCVE-0-2026-22854)

Vulnerability from cvelistv5 – Published: 2026-01-14 17:47 – Updated: 2026-01-16 04:55

Title

FreeRDP has a heap-buffer-overflow in drive_process_irp_read

Summary

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory. This vulnerability is fixed in 3.20.1.

Severity ?

6.8 (Medium)


                        
                          CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

CWE

CWE-122 - Heap-based Buffer Overflow

Assigner

GitHub_M

References

URL

Tags

	https://github.com/FreeRDP/FreeRDP/security/advis…	x_refsource_CONFIRM
	https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	FreeRDP	FreeRDP	Affected: < 3.20.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-22854",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-15T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-16T04:55:48.360Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "FreeRDP",
          "vendor": "FreeRDP",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 3.20.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory. This vulnerability is fixed in 3.20.1."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "PASSIVE",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122: Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-14T17:47:49.588Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-47vj-g3c3-3rmf",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-47vj-g3c3-3rmf"
        },
        {
          "name": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
        }
      ],
      "source": {
        "advisory": "GHSA-47vj-g3c3-3rmf",
        "discovery": "UNKNOWN"
      },
      "title": "FreeRDP has a heap-buffer-overflow in drive_process_irp_read"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-22854",
    "datePublished": "2026-01-14T17:47:49.588Z",
    "dateReserved": "2026-01-12T16:20:16.746Z",
    "dateUpdated": "2026-01-16T04:55:48.360Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-22859 (GCVE-0-2026-22859)

Vulnerability from cvelistv5 – Published: 2026-01-14 17:57 – Updated: 2026-01-14 21:13

Title

FreeRDP has a heap-buffer-overflow in urb_select_configuration

Summary

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSB_INTERFACE_DESCRIPTOR values and uses them as indices in libusb_udev_complete_msconfig_setup, causing an out‑of‑bounds read. This vulnerability is fixed in 3.20.1.

Severity ?

5.6 (Medium)


                        
                          CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:P

CWE

CWE-125 - Out-of-bounds Read
CWE-129 - Improper Validation of Array Index

Assigner

GitHub_M

References

URL

Tags

	https://github.com/FreeRDP/FreeRDP/security/advis…	x_refsource_CONFIRM
	https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	FreeRDP	FreeRDP	Affected: < 3.20.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-22859",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-14T21:12:56.146010Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-14T21:13:02.936Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "FreeRDP",
          "vendor": "FreeRDP",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 3.20.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server\u2011supplied MSUSB_INTERFACE_DESCRIPTOR values and uses them as indices in libusb_udev_complete_msconfig_setup, causing an out\u2011of\u2011bounds read. This vulnerability is fixed in 3.20.1."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "PASSIVE",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:P",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125: Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-129",
              "description": "CWE-129: Improper Validation of Array Index",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-14T17:57:37.000Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-56f5-76qv-2r36",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-56f5-76qv-2r36"
        },
        {
          "name": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
        }
      ],
      "source": {
        "advisory": "GHSA-56f5-76qv-2r36",
        "discovery": "UNKNOWN"
      },
      "title": "FreeRDP has a heap-buffer-overflow in urb_select_configuration"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-22859",
    "datePublished": "2026-01-14T17:57:37.000Z",
    "dateReserved": "2026-01-12T16:20:16.746Z",
    "dateUpdated": "2026-01-14T21:13:02.936Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

SUSE-SU-2026:0449-1

CVE-2026-22856 (GCVE-0-2026-22856)

CVE-2026-23530 (GCVE-0-2026-23530)

CVE-2026-23531 (GCVE-0-2026-23531)

CVE-2026-23534 (GCVE-0-2026-23534)

CVE-2026-22852 (GCVE-0-2026-22852)

CVE-2026-23532 (GCVE-0-2026-23532)

CVE-2026-22854 (GCVE-0-2026-22854)

CVE-2026-22859 (GCVE-0-2026-22859)

Tags

Sightings

Nomenclature