CVE-2026-44420 – FreeRDP

CVSS 8.8 IMPORTANT

“A vulnerable remote desktop client can turn a trusted connection into a direct compromise path.”

FreeRDP released patches for four high-severity vulnerabilities affecting FreeRDP. CVE-2026-40033 has a CVSS score of 8.8, which is High severity. CVE-2026-44420 has a CVSS score of 8.8, which is High severity. CVE-2026-44421 has a CVSS score of 8.8, which is High severity. CVE-2026-44422 has a CVSS score of 7.5, which is High severity.

The update addresses multiple memory safety issues, including heap-based buffer overflows, double-free conditions, and use-after-free vulnerabilities. Public proof-of-concept code is available for all four vulnerabilities. Successful exploitation could allow remote code execution, with one vulnerability also creating privilege escalation risk in affected FreeRDP environments.

Key Details

Affected Product: Freerdp Freerdp
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
CWE Classification: CWE-122

Patch this CVE on all your endpoints in under 5 minutes. First 200 endpoints are free forever, scale as needed.

CVE-2026-44420 – FreeRDP

Key Details

Stay Tuned

PLATFORM

SOLUTIONS

RESOURCES

COMPANY

LEGAL

CONTACTS

+1-346-444-8530

Toll Free: 833-444-8530

708 Main St, 10th FL, Houston, TX 77002