VYPR
Unrated severityNVD Advisory· Published Feb 25, 2026· Updated Feb 25, 2026

FreeRDP has possible Integer overflow in Stream_EnsureCapacity

CVE-2026-27951

Description

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the function Stream_EnsureCapacity can create an endless blocking loop. This may affect all client and server implementations using FreeRDP. For practical exploitation this will only work on 32bit systems where the available physical memory is >= SIZE_MAX. Version 3.23.0 contains a patch. No known workarounds are available.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.