VYPR
Unrated severityNVD Advisory· Published Feb 9, 2026· Updated Feb 10, 2026

FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb

CVE-2026-24681

Description

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, aAsynchronous bulk transfer completions can use a freed channel callback after URBDRC channel close, leading to a use after free in urb_write_completion. This vulnerability is fixed in 3.22.0.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

17

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.