CVE-2026-32624 | neutrinolabs xrdp up to 0.10.5 Domain Name xrdp.ini domain_user_separator heap-based overflow (GHSA-7q2g-6fjr-h6pp)

Inserito da Angelo Barbosa | Apr 17, 2026 | CVE

A vulnerability was found in neutrinolabs xrdp up to 0.10.5 and classified as critical. Impacted is the function domain_user_separator of the file xrdp.ini of the component Domain Name Handler. The manipulation results in heap-based buffer overflow.

This vulnerability is known as CVE-2026-32624. It is possible to launch the attack remotely. No exploit is available.

It is suggested to upgrade the affected component.

CVE-2026-32624 | neutrinolabs xrdp up to 0.10.5 Domain Name xrdp.ini domain_user_separator heap-based overflow (GHSA-7q2g-6fjr-h6pp)

Post correlati

CVE-2025-62694 | WikiLove Extension 1.39 on Mediawiki cross site scripting

CVE-2024-4389 | averta Slider & Popup Builder Plugin up to 3.1.1 on WordPress uploadFile unrestricted upload

CVE-2025-24608 | Milan Petrovic GD Mail Queue Plugin up to 4.3 on WordPress cross site scripting

CVE-2023-51673 | Designful Stylish Price List Plugin up to 7.0.17 on WordPress cross-site request forgery