CVE-2026-25955

Published February 25th, 2026

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

N/A

Affected

PROJECT

Description

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_AppUpdateWindowFromSurface` reuses a cached `XImage` whose `data` pointer references a freed RDPGFX surface buffer, because `gdi_DeleteSurface` frees `surface->data` without invalidating the `appWindow->image` that aliases it. Version 3.23.0 fixes the issue.

FreeRDP/FreeRDP

FreeRDP is a free remote desktop protocol library and clients

GitHub

13.3K