CVE-2026-33987 — Heap-based Buffer Overflow in Freerdp

CWE-122 — Heap-based Buffer Overflow CWE-131 — Incorrect Calculation of Buffer Size27 documents7 sources

Severity

6.6MEDIUMNVD

CNA7.1

EPSS

0.0%

top 97.86%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Freerdp

Timeline

PublishedMar 30

Latest updateApr 1

Description

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in persistent_cache_read_entry_v3() in libfreerdp/cache/persistent.c, persistent->bmpSize is updated before winpr_aligned_recalloc(). If realloc fails, bmpSize is inflated while bmpData points to the old buffer. This issue has been patched in version 3.24.2.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:HExploitability: 1.3 | Impact: 5.2

Affected Packages2 packages

▶CVEListV5freerdp/freerdp< 3.24.2

▶NVDfreerdp/freerdp< 3.24.2

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

CVEList

FreeRDP: Persistent Cache bmpSize Desync - Heap OOB Write↗2026-03-30

▶

OSV

CVE-2026-33987: FreeRDP is a free implementation of the Remote Desktop Protocol↗2026-03-30

▶

📋Vendor Advisories

Red Hat

FreeRDP: FreeRDP: Memory corruption vulnerability allows denial of service or arbitrary code execution↗2026-03-30

▶

Debian

CVE-2026-33987: freerdp2 - FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versio...↗2026

▶

🕵️Threat Intelligence

Wiz

CVE-2026-26514 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2025-63658 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2025-63651 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2025-65203 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2026-33987 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

💬Community

Bugzilla

CVE-2026-33987 freerdp: FreeRDP: Memory corruption vulnerability allows denial of service or arbitrary code execution [fedora-42]↗2026-04-01

▶

Bugzilla

CVE-2026-33987 freerdp: FreeRDP: Memory corruption vulnerability allows denial of service or arbitrary code execution [fedora-43]↗2026-04-01

▶