Exposures › CVE-2026-57158
FreeRDP clients using the GFX pipeline before version 3.28.0 are vulnerable to a buffer overflow that allows remote code execution via truncated RDP payloads.
This critical CVE (9.1) enables a remote attacker to execute arbitrary code on FreeRDP clients by sending a malformed RDPGFX payload, exploiting an incomplete fix for a prior vulnerability. DIB organizations using FreeRDP for remote desktop access must immediately patch to version 3.28.0 or risk compromising their remote access infrastructure.
Shame score — The vulnerability stems from an incomplete fix for a prior CVE rather than a new, negligent flaw, and the vendor has provided a patch.
FreeRDP is a free implementation of the Remote Desktop Protocol. From 3.21.0 before 3.28.0, FreeRDP clients using the GFX pipeline contain an incomplete fix for CVE-2026-23530 in planar_decompress_plane_rle_only in libfreerdp/codec/planar.c, allowing a malicious RDP server to send a truncated RDPGFX_CMDID_WIRETOSURFACE_1 planar payload that reads one byte past the input buffer. This issue is fixed in version 3.28.0.
No correlated FedRAMP products.