anonhaven
Ad

CVE-2026-29776

LOW CVSS 3.1: 3.1 EPSS 0.04%
Updated Mar 17, 2026
Freerdp
Parameter Value
CVSS 3.1 (LOW)
Affected Versions before 3.24.0
Fixed In 3.24.0
Type CWE-789, CWE-190 (Integer Overflow), CWE-400 (Uncontrolled Resource Consumption), CWE-191 (Integer Underflow)
Vendor Freerdp
Public PoC No

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, Integer Underflow in update_read_cache_bitmap_order Function of FreeRDP's Core Library This vulnerability is fixed in 3.24.0.

Attack Parameters

Attack Vector
Network
Can be exploited remotely
Attack Complexity
High
Difficult to exploit
Privileges Required
None
No privileges needed
User Interaction
Required
User action required

Impact Assessment

Confidentiality
None
No data leak
Integrity
None
No data modification
Availability
Low
Partial disruption

CVSS Vector v3.1

Weakness Type (CWE)

CWE-789
CWE-190 Integer Overflow
CWE-400 Uncontrolled Resource Consumption
CWE-191 Integer Underflow

Vulnerable Products 1

Configuration From (including) Up to (excluding)
Freerdp Freerdp
cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*
 3.24.0

References 2

https://github.com/FreeRDP/FreeRDP/commit/a9e0abf2eac8c2e370fa155bf1abb9d044c0c…
security-advisories@github.com
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-c747-x4wf-cqrr
security-advisories@github.com
Share Post Share Share Share

Related Vulnerabilities

CVE-2026-33987

Freerdp

6.6

CVE-2026-33986

Freerdp

7.5

CVE-2026-33985

Freerdp

7.1

CVE-2026-33984

Freerdp

7.5

CVE-2026-33983

Freerdp

6.5