Heap-based buffer overflow in FreeRDP - CVE-2026-57156
Published: July 6, 2026
FreeRDP
Detailed vulnerability description
The vulnerability allows a remote attacker to cause a denial of service or execute arbitrary code.
The vulnerability exists due to integer overflow leading to heap-based buffer overflow in libfreerdp/core/orders.c when parsing Orders Delta Points data from a malicious RDP peer. A remote attacker can send a specially crafted value to trigger heap memory corruption to cause a denial of service or execute arbitrary code.
Only 32-bit builds are vulnerable.