A vulnerability was found in FreeRDP up to 3.27.x. It has been declared as critical. The affected element is the function update_read_delta_points of the file libfreerdp/core/orders.c of the component Orders. Executing a manipulation of the argument point_count can lead to integer overflow.

The identification of this vulnerability is CVE-2026-57156. The attack may be launched remotely. There is no exploit available.