Microsoft Windows App Client For Windows Desktop
10 CVEs affecting Microsoft Windows App Client For Windows Desktop. Latest disclosed: 2026-04-14. Critical: 0, High: 8.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-32157 | High | 8.8 | 2026-04-14 | Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
CVE-2025-58718 | High | 8.8 | 2025-10-14 | Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
CVE-2025-48817 | High | 8.8 | 2025-07-08 | Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
CVE-2025-29967 | High | 8.8 | 2025-05-13 | Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network. |
CVE-2025-29966 | High | 8.8 | 2025-05-13 | Heap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network. |
CVE-2025-26645 | High | 8.8 | 2025-03-11 | Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
CVE-2024-49105 | High | 8.4 | 2024-12-10 | Remote Desktop Client Remote Code Execution Vulnerability |
CVE-2025-27487 | High | 8.0 | 2025-04-08 | Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code over a network. |
CVE-2025-32715 | Medium | 6.5 | 2025-06-10 | Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network. |
CVE-2026-23656 | Medium | 5.9 | 2026-03-10 | Insufficient verification of data authenticity in Windows App Installer allows an unauthorized attacker to perform spoofing over a network. |