Cyber Resilience

CVE-2026-44420

High · Public PoC · Updated

Published: 29 May 2026

Modified: 30 June 2026
KEV Added
Patch
CVSS Score v3.1: 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0347 (87.6th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-44420 is a high-severity heap-based buffer overflow (CWE-122) vulnerability in FreeRDP. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 12.4% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

EU & UK References

Vulnerability details

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard (cliprdr) channel by sending a CB_CLIP_CAPS PDU with a too-small capabilitySetLength. This can crash the server process (remote DoS) and may be exploitable for code execution because it corrupts heap memory. This vulnerability is fixed in 3.26.0.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques · AI

T1190 · Exploit Public-Facing Application · Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1210 · Exploitation of Remote Services · Lateral Movement
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
Why these techniques?

Heap overflow in FreeRDP server clipboard handling enables remote code execution or DoS against an exposed RDP service (public-facing or internal remote service).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-33987 · Same product: Freerdp Freerdp
CVE-2026-33984 · Same product: Freerdp Freerdp
CVE-2026-23732 · Same product: Freerdp Freerdp
CVE-2026-33986 · Same product: Freerdp Freerdp
CVE-2026-31806 · Same product: Freerdp Freerdp
CVE-2026-22853 · Same product: Freerdp Freerdp
CVE-2026-24682 · Same product: Freerdp Freerdp
CVE-2026-22857 · Same product: Freerdp Freerdp
CVE-2026-23532 · Same product: Freerdp Freerdp
CVE-2026-23534 · Same product: Freerdp Freerdp

Affected Assets

freerdp · freerdp · ≤ 3.26.0

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References