HIGH | CVE-2026-44421 | CNA: GitHub_M

CVE-2026-44421: FreeRDP RDPGFX CacheToSurface heap-buffer-overflow via clamped-rectangle validation bypass

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is in gdi_CacheToSurface: it validates a destination rectangle that is clamped to UINT16_MAX, but then performs the copy using the original cacheEntry->width/height. This can cause a large out-of-bounds heap write and may lead to client crashes or code execution. This bug is reachable from a malicious RDP server, but only when the client has RDPGFX enabled. This vulnerability is fixed in 3.26.0.
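The defect described above is a validate-one-value, copy-with-another pattern. The following is an added illustration (constructed for this page, not FreeRDP's code; the struct and function names are hypothetical) that puts the clamped check beside a check that validates exactly the extent the copy will write, and shows a copy routine that only runs after the sound check:

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Constructed model of the CacheToSurface step; names and types here are
 * illustrative, not FreeRDP's own. Pixels are one byte each. */
typedef struct { uint32_t width, height; } cache_entry_t;
typedef struct { uint32_t width, height; } surface_t;

/* Vulnerable pattern from the advisory: the destination extent is clamped to
 * UINT16_MAX before the bounds check, while the copy uses the real size. */
bool rect_check_clamped(const surface_t *s, uint32_t x, uint32_t y,
                        const cache_entry_t *e)
{
    uint32_t right = x + e->width, bottom = y + e->height;
    if (right > UINT16_MAX) right = UINT16_MAX;
    if (bottom > UINT16_MAX) bottom = UINT16_MAX;
    return right <= s->width && bottom <= s->height;
}

/* Hardened pattern: validate exactly the extent the copy will write, using
 * subtraction so the comparison can neither wrap nor be clamped away. */
bool rect_check_sound(const surface_t *s, uint32_t x, uint32_t y,
                      const cache_entry_t *e)
{
    if (e->width == 0 || e->height == 0) return false;
    if (x > s->width || y > s->height) return false;
    return e->width <= s->width - x && e->height <= s->height - y;
}

/* Copy rows only after the sound check; writes nothing on rejection. */
bool cache_to_surface(uint8_t *dst, const surface_t *s, uint32_t x, uint32_t y,
                      const uint8_t *src, const cache_entry_t *e)
{
    if (!rect_check_sound(s, x, y, e)) return false;
    for (uint32_t row = 0; row < e->height; row++)
        memcpy(dst + (size_t)(y + row) * s->width + x,
               src + (size_t)row * e->width, e->width);
    return true;
}
```

With a constructed 65535-pixel-wide surface, a 2000-wide entry placed at x=65000 passes the clamped check but is rejected by the sound one, which is the gap the fix closes.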

HarborGuard Analysis

Synopsis

This is a heap buffer overflow in FreeRDP's RDPGFX graphics pipeline, specifically in gdi_CacheToSurface, where a destination rectangle is validated after being clamped to UINT16_MAX while the actual copy uses the original unclamped cache entry width and height. A malicious RDP server can reach the bug over the network when a client connects with RDPGFX enabled and the user accepts the connection, triggering a large out-of-bounds heap write that can crash the client or lead to code execution. Although the description names 3.26.0 as the fix, no fix version was tagged in the published advisory record, so HarborGuard tracks the advisory for patched-image availability.

HarborGuard Coverage

Detection: Available

Detection is available across every HarborGuard environment: the CVE is ingested from upstream feeds within minutes of publication and matched against FreeRDP packages in customer registries and CI pipelines, including custom-built images that bundle FreeRDP as a client or embedded library. Coverage extends to derivative images where FreeRDP is pulled in as a transitive dependency.
Triage: Available

Triage is available with the published CVSS v3.1 score of 8.8 (HIGH) applied as the baseline, then weighted by each customer's compliance policy so that environments running RDP clients on developer or jump-host images get escalated. Findings are routed to the security inbox configured for the owning team inside each customer organization.
Patch: Pending upstream

Because no fix version is tagged in the advisory record, HarborGuard re-checks the upstream advisory each ingest cycle and will make a patched-image rebuild available the moment a fixed FreeRDP release is published. For customers with auto-remediation enabled, the rebuild will trigger a regression test run and a PR opened against affected workloads as soon as that upstream fix lands.

Exploit Conditions

  • Network reachability: Required

    The attacker must get the victim's FreeRDP client to connect to an attacker-controlled RDP server over the network.

  • Authentication: Not required

    No credentials on the client side are needed; the malicious server simply responds to an incoming RDP session.

  • Victim interaction: Required

    A user must initiate or accept an RDP connection to the attacker's server, typically via a malicious link, shortcut, or social-engineered hostname.

  • Attack complexity: Low

    Attack complexity is low: the malformed RDPGFX PDU triggers the overflow reliably whenever the client has RDPGFX enabled.

Blast Radius

  • Writes attacker-controlled data well past a heap allocation in the FreeRDP client process, corrupting adjacent heap structures.
  • Crashes the RDP client, terminating the user's remote session and any in-progress work.
  • Can be developed into remote code execution in the client process, giving the attacker the privileges of the user running the RDP client.
  • Compromises the confidentiality of anything the client process can read, including credentials, clipboard contents, and mapped drive data passed over the RDP session.

How HarborGuard Handles This

Available on HarborGuard: continuous monitoring of the FreeRDP advisory so that the patched-image rebuild becomes available automatically once the upstream 3.26.0 release is reflected in feed data, with auto-remediation customers receiving a rebuild, regression run, and PR against affected workloads at that point. In the interim, compensating-control suggestions are surfaced on the finding, including restricting outbound RDP egress to known servers, disabling RDPGFX on client builds where it is not needed, and gating RDP client rollouts behind a feature flag so that affected images can be pinned or rolled back quickly once a fixed release is published.

Metrics

  • CVSS v3.1: 8.8
  • Severity: HIGH
  • Fixed in: no fix version tagged in the advisory record
  • Affected products: 1
  • Affected packages: FreeRDP / FreeRDP, versions < 3.26.0
  • CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H