CVE-2026-23532 | FreeRDP up to 3.20.x gdi_SurfaceToSurface heap-based overflow (GHSA-fq8c-87hj-7gvr)

Inserito da Angelo Barbosa | Gen 19, 2026 | CVE

A vulnerability classified as critical has been found in FreeRDP up to 3.20.x. This vulnerability affects the function gdi_SurfaceToSurface. The manipulation leads to heap-based buffer overflow.

This vulnerability is referenced as CVE-2026-23532. Remote exploitation of the attack is possible. No exploit is available.

It is recommended to upgrade the affected component.

CVE-2026-23532 | FreeRDP up to 3.20.x gdi_SurfaceToSurface heap-based overflow (GHSA-fq8c-87hj-7gvr)

Post correlati

CVE-2025-53470 | Apache NimBLE up to 1.8.0 HCI H4 Driver out-of-bounds write

CVE-2024-7511 | Trimble SketchUp Pro prior 24.0.553 SKP File Parser out-of-bounds (ZDI-24-1057)

CVE-2025-23566 | Syed Amir Hussain Custom Post Plugin up to 1.0 on WordPress cross-site request forgery

CVE-2025-7046 | Portfolio for Elementor & Image Gallery Plugin up to 3.2.0/3.2.1 on WordPress cross site scripting