Missing Authentication for Critical Function in xrdp - CVE-2026-55626

Published: July 1, 2026


Vulnerability identifier: #VU136616
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-55626
CWE-ID: CWE-306
Exploitation vector: Local access
Exploit availability: No public exploit available
Vendor: neutrinolabs
Affected software:
xrdp

Detailed vulnerability description

The vulnerability allows a local attacker to view or control other users' active desktop sessions.

The vulnerability exists due to missing authentication in the Xvnc backend when xrdp initializes an authenticated user's session over a UNIX domain socket: the Xvnc process accepts connections on that socket without verifying which local process is connecting. A local attacker, that is, another user on the same host who can reach the socket, can connect to the insufficiently protected Xvnc process to view or control another user's active desktop session. This matches the advisory's "Local access" exploitation vector and the AV:L/PR:L components of the CVSS vector.

Only deployments that run the Xvnc backend over UNIX domain sockets are affected; deployments using the xorgxrdp backend, or Xvnc over TCP sockets, are not affected.
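The weakness class described above, as an added illustration that is not xrdp's or Xvnc's own code: a display backend listening on a UNIX domain socket that admits whoever connects, beside one that reads the kernel-supplied peer credentials (SO_PEERCRED) and only admits a peer running as the session owner, with the socket node created mode 0700 as a second, independent barrier. The socket path, the admit() decision and the uid comparison are assumptions for the demonstration, not a description of how xrdp authenticates sessions or of the vendor's fix.

```python
"""CWE-306 on a UNIX domain socket: a display backend that admits any local
connection, beside one that authorizes the peer with SO_PEERCRED before
handing over the session. Added illustration; not xrdp's or Xvnc's code."""
import os
import socket
import struct
import tempfile
import threading

CURRENT_UID = os.getuid()
# struct ucred as returned by SO_PEERCRED on Linux: pid, uid, gid (three ints).
_UCRED = struct.Struct("3i")


def peer_credentials(conn):
    """Kernel-supplied (pid, uid, gid) of the process on the far end of `conn`."""
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, _UCRED.size)
    return _UCRED.unpack(raw)


def admit(conn, session_uid):
    """Decide whether the connecting process may take over the session.

    session_uid=None models the vulnerable backend: no check at all, whoever
    reaches the socket is admitted. Otherwise the peer must run as the
    session owner (a hypothetical policy chosen for this demonstration).
    """
    if session_uid is None:
        return "ADMITTED"                      # no authentication at all
    _, uid, _ = peer_credentials(conn)
    return "ADMITTED" if uid == session_uid else f"REJECTED uid={uid}"


def demo(session_uid):
    """Run one client/backend exchange over a private socket and return
    (verdict sent to the client, permission bits of the socket file)."""
    workdir = tempfile.mkdtemp(prefix="xvnc-demo-")   # hypothetical path
    path = os.path.join(workdir, "display.sock")

    backend = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    # Second layer: create the socket node 0700 so other users cannot even
    # connect(), independent of the peer check in admit().
    old_umask = os.umask(0o077)
    try:
        backend.bind(path)
    finally:
        os.umask(old_umask)
    backend.listen(1)

    def serve():
        conn, _ = backend.accept()
        with conn:
            conn.sendall(admit(conn, session_uid).encode())

    server = threading.Thread(target=serve)
    server.start()

    client = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    with client:
        client.connect(path)
        verdict = client.recv(64).decode()
    server.join()
    backend.close()
    mode = os.stat(path).st_mode & 0o777
    os.unlink(path)
    os.rmdir(workdir)
    return verdict, mode


if __name__ == "__main__":
    print("no peer check:           ", demo(None))
    print("owner check, same uid:   ", demo(CURRENT_UID))
    print("owner check, other uid:  ", demo(CURRENT_UID + 1))
```

Because the test client runs as the same user as the backend, the "other user" case is modelled by telling the backend that the session belongs to a different uid; the vulnerable variant admits it regardless, the checked variant rejects it. SO_PEERCRED is Linux-specific, and the 0700 socket node only helps when the socket lives in a directory the attacker cannot already write to.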


How to mitigate CVE-2026-55626

Install the security update from the vendor's website. Until it is applied, the scope note above gives a workaround: run the xorgxrdp backend instead of Xvnc, or configure Xvnc to use TCP sockets rather than UNIX domain sockets, since neither configuration is affected.

Sources