Out-of-bounds Read in Freerdp

CVE-2026-57158

FreeRDP is a free implementation of the Remote Desktop Protocol. From 3.21.0 before 3.28.0, FreeRDP clients using the GFX pipeline contain an incomplete fix for CVE-2026-23530 in planar_decompress_plane_rle_only in libfreerdp/codec/planar…

Vulnerability class: Buffer Overflow

Affected products

  • Freerdp — versions >= 3.21.0, < 3.28.0

Weakness classification (CWE)

References