Cyber Posture

CVE-2026-33982

High

Published: 30 March 2026
Modified: 01 April 2026
KEV Added: not listed
Patch: 3.24.2
CVSS Score: 7.1 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H)
EPSS Score: 0.0003 (10.1th percentile)
Risk Priority: 14 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2026-33982 is a high-severity Out-of-bounds Read (CWE-125) vulnerability in FreeRDP (CPE vendor/product: freerdp/freerdp). Its CVSS v3.1 base score is 7.1 (High).

Operationally, it ranks at the 10.1st percentile by exploit likelihood (EPSS 0.0003, below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-16 (Memory Protection).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5) (AI-generated)

prevent: Directly mandates timely patching of known flaws such as the heap-buffer-overflow READ in FreeRDP's winpr_aligned_offset_recalloc().

prevent (SI-16, Memory Protection): Implements controls that limit the exploitability of memory-safety vulnerabilities such as out-of-bounds reads leading to information disclosure or denial of service.

detect (RA-5, Vulnerability Monitoring and Scanning): Enables vulnerability scanning to identify affected FreeRDP installations and prioritize remediation of this specific heap-buffer-overflow vulnerability.

MITRE ATT&CK Enterprise Techniques (AI-generated)

Insufficient information to map techniques.
Confidence: LOW (MITRE ATT&CK Enterprise v18.1)

NVD Description

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, there is a heap-buffer-overflow READ vulnerability at 24 bytes before the allocation, in winpr_aligned_offset_recalloc(). This issue has been patched in version 3.24.2.

Deeper analysis (AI-generated)

CVE-2026-33982 is a heap-buffer-overflow READ vulnerability located 24 bytes before the allocation in the winpr_aligned_offset_recalloc() function of FreeRDP, an open-source implementation of the Remote Desktop Protocol. This flaw affects FreeRDP versions prior to 3.24.2 and is classified under CWE-125 (Out-of-bounds Read), with a CVSS v3.1 base score of 7.1 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H).

According to the CVSS vector, the vulnerability is reachable by a local attacker with no privileges required and low attack complexity, but it requires user interaction, such as a user running a malicious RDP client or supplying crafted input. Successful exploitation has high confidentiality and availability impact, potentially allowing memory disclosure or denial of service through the out-of-bounds heap read, with no integrity impact and no scope change.

FreeRDP developers have addressed the issue in version 3.24.2. Security practitioners should upgrade to this patched release. Additional details are available in the GitHub security advisory at https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8jm9-2925-g4v2 and the fixing commit at https://github.com/FreeRDP/FreeRDP/commit/a48dbde2c8a5b8b70a9d1c045d969a71afd6284c.

Details

CWE(s)

CWE-125 (Out-of-bounds Read)

Affected Products

Vendor: freerdp
Product: freerdp
Versions: ≤ 3.24.2

CVEs Like This One

CVE-2026-25942 (same product: Freerdp Freerdp)
CVE-2026-22855 (same product: Freerdp Freerdp)
CVE-2026-31885 (same product: Freerdp Freerdp)
CVE-2026-31897 (same product: Freerdp Freerdp)
CVE-2026-33985 (same product: Freerdp Freerdp)
CVE-2026-22859 (same product: Freerdp Freerdp)
CVE-2026-25941 (same product: Freerdp Freerdp)
CVE-2026-22858 (same product: Freerdp Freerdp)
CVE-2026-25997 (same product: Freerdp Freerdp)
CVE-2026-23533 (same product: Freerdp Freerdp)

References