{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright © Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for freerdp is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.\n\nSecurity Fix(es):\n\n* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22855)\n\n* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22853)\n\n* freerdp: FreeRDP global-buffer-overflow (CVE-2026-22858)\n\n* freerdp: FreeRDP heap-use-after-free (CVE-2026-22856)\n\n* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22854)\n\n* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22859)\n\n* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22852)\n\n* freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow (CVE-2026-23732)\n\n* freerdp: FreeRDP: Denial of Service via use after free in ecam_channel_write (CVE-2026-24678)\n\n* freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation (CVE-2026-24676)\n\n* freerdp: FreeRDP has a heap-use-after-free in video_timer (CVE-2026-24491)\n\n* freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2() (CVE-2026-23948)\n\n* freerdp: FreeRDP has a Heap-use-after-free in play_thread (CVE-2026-24684)\n\n* freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb (CVE-2026-24681)\n\n* freerdp: FreeRDP has a Heap-buffer-overflow in audio_formats_free (CVE-2026-24682)\n\n* freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event (CVE-2026-24683)\n\n* freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface (CVE-2026-24679)\n\n* freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface (CVE-2026-24675)\n\n* freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write in RLE planar decode path (CVE-2026-26965)\n\n* freerdp: FreeRDP: Arbitrary code execution via heap buffer overflow in GDI surface pipeline (CVE-2026-26955)\n\n* freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages (CVE-2026-31806)\n\n* FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data (CVE-2026-33984)\n\n* FreeRDP: FreeRDP: Denial of Service via specially crafted Remote Desktop Protocol messages (CVE-2026-33983)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:19033",
        "url": "https://access.redhat.com/errata/RHSA-2026:19033"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2429645",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429645"
      },
      {
        "category": "external",
        "summary": "2429647",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429647"
      },
      {
        "category": "external",
        "summary": "2429649",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429649"
      },
      {
        "category": "external",
        "summary": "2429650",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429650"
      },
      {
        "category": "external",
        "summary": "2429652",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429652"
      },
      {
        "category": "external",
        "summary": "2429653",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429653"
      },
      {
        "category": "external",
        "summary": "2429654",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429654"
      },
      {
        "category": "external",
        "summary": "2430881",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430881"
      },
      {
        "category": "external",
        "summary": "2438197",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438197"
      },
      {
        "category": "external",
        "summary": "2438201",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438201"
      },
      {
        "category": "external",
        "summary": "2438202",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438202"
      },
      {
        "category": "external",
        "summary": "2438207",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438207"
      },
      {
        "category": "external",
        "summary": "2438208",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438208"
      },
      {
        "category": "external",
        "summary": "2438210",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438210"
      },
      {
        "category": "external",
        "summary": "2438212",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438212"
      },
      {
        "category": "external",
        "summary": "2438216",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438216"
      },
      {
        "category": "external",
        "summary": "2438217",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438217"
      },
      {
        "category": "external",
        "summary": "2438221",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438221"
      },
      {
        "category": "external",
        "summary": "2442959",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442959"
      },
      {
        "category": "external",
        "summary": "2443132",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2443132"
      },
      {
        "category": "external",
        "summary": "2447376",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447376"
      },
      {
        "category": "external",
        "summary": "2453219",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453219"
      },
      {
        "category": "external",
        "summary": "2453220",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453220"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_19033.json"
      }
    ],
    "title": "Red Hat Security Advisory: freerdp security update",
    "tracking": {
      "current_release_date": "2026-06-30T04:35:57+00:00",
      "generator": {
        "date": "2026-06-30T04:35:57+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "5.3.0"
        }
      },
      "id": "RHSA-2026:19033",
      "initial_release_date": "2026-05-19T13:29:01+00:00",
      "revision_history": [
        {
          "date": "2026-05-19T13:29:01+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-05-19T13:29:01+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-30T04:35:57+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AppStream (v. 10)",
                "product": {
                  "name": "Red Hat Enterprise Linux AppStream (v. 10)",
                  "product_id": "AppStream-10.2.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:10.2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
                "product": {
                  "name": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
                  "product_id": "CRB-10.2.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:10.2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "freerdp-2:3.10.3-12.el10_2.2.src",
                "product": {
                  "name": "freerdp-2:3.10.3-12.el10_2.2.src",
                  "product_id": "freerdp-2:3.10.3-12.el10_2.2.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp@3.10.3-12.el10_2.2?arch=src&epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "freerdp-2:3.10.3-12.el10_2.2.aarch64",
                "product": {
                  "name": "freerdp-2:3.10.3-12.el10_2.2.aarch64",
                  "product_id": "freerdp-2:3.10.3-12.el10_2.2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp@3.10.3-12.el10_2.2?arch=aarch64&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
                "product": {
                  "name": "freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
                  "product_id": "freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-libs@3.10.3-12.el10_2.2?arch=aarch64&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libwinpr-2:3.10.3-12.el10_2.2.aarch64",
                "product": {
                  "name": "libwinpr-2:3.10.3-12.el10_2.2.aarch64",
                  "product_id": "libwinpr-2:3.10.3-12.el10_2.2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libwinpr@3.10.3-12.el10_2.2?arch=aarch64&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
                "product": {
                  "name": "freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
                  "product_id": "freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-debugsource@3.10.3-12.el10_2.2?arch=aarch64&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
                "product": {
                  "name": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
                  "product_id": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-debuginfo@3.10.3-12.el10_2.2?arch=aarch64&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
                "product": {
                  "name": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
                  "product_id": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@3.10.3-12.el10_2.2?arch=aarch64&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
                "product": {
                  "name": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
                  "product_id": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-server-debuginfo@3.10.3-12.el10_2.2?arch=aarch64&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
                "product": {
                  "name": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
                  "product_id": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libwinpr-debuginfo@3.10.3-12.el10_2.2?arch=aarch64&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
                "product": {
                  "name": "freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
                  "product_id": "freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-devel@3.10.3-12.el10_2.2?arch=aarch64&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
                "product": {
                  "name": "freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
                  "product_id": "freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-server@3.10.3-12.el10_2.2?arch=aarch64&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
                "product": {
                  "name": "libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
                  "product_id": "libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libwinpr-devel@3.10.3-12.el10_2.2?arch=aarch64&epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "freerdp-2:3.10.3-12.el10_2.2.ppc64le",
                "product": {
                  "name": "freerdp-2:3.10.3-12.el10_2.2.ppc64le",
                  "product_id": "freerdp-2:3.10.3-12.el10_2.2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp@3.10.3-12.el10_2.2?arch=ppc64le&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
                "product": {
                  "name": "freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
                  "product_id": "freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-libs@3.10.3-12.el10_2.2?arch=ppc64le&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
                "product": {
                  "name": "libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
                  "product_id": "libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libwinpr@3.10.3-12.el10_2.2?arch=ppc64le&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
                "product": {
                  "name": "freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
                  "product_id": "freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-debugsource@3.10.3-12.el10_2.2?arch=ppc64le&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
                "product": {
                  "name": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
                  "product_id": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-debuginfo@3.10.3-12.el10_2.2?arch=ppc64le&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
                "product": {
                  "name": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
                  "product_id": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@3.10.3-12.el10_2.2?arch=ppc64le&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
                "product": {
                  "name": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
                  "product_id": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-server-debuginfo@3.10.3-12.el10_2.2?arch=ppc64le&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
                "product": {
                  "name": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
                  "product_id": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libwinpr-debuginfo@3.10.3-12.el10_2.2?arch=ppc64le&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
                "product": {
                  "name": "freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
                  "product_id": "freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-devel@3.10.3-12.el10_2.2?arch=ppc64le&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
                "product": {
                  "name": "freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
                  "product_id": "freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-server@3.10.3-12.el10_2.2?arch=ppc64le&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
                "product": {
                  "name": "libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
                  "product_id": "libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libwinpr-devel@3.10.3-12.el10_2.2?arch=ppc64le&epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "freerdp-2:3.10.3-12.el10_2.2.s390x",
                "product": {
                  "name": "freerdp-2:3.10.3-12.el10_2.2.s390x",
                  "product_id": "freerdp-2:3.10.3-12.el10_2.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp@3.10.3-12.el10_2.2?arch=s390x&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
                "product": {
                  "name": "freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
                  "product_id": "freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-libs@3.10.3-12.el10_2.2?arch=s390x&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libwinpr-2:3.10.3-12.el10_2.2.s390x",
                "product": {
                  "name": "libwinpr-2:3.10.3-12.el10_2.2.s390x",
                  "product_id": "libwinpr-2:3.10.3-12.el10_2.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libwinpr@3.10.3-12.el10_2.2?arch=s390x&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
                "product": {
                  "name": "freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
                  "product_id": "freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-debugsource@3.10.3-12.el10_2.2?arch=s390x&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
                "product": {
                  "name": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
                  "product_id": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-debuginfo@3.10.3-12.el10_2.2?arch=s390x&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
                "product": {
                  "name": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
                  "product_id": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@3.10.3-12.el10_2.2?arch=s390x&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
                "product": {
                  "name": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
                  "product_id": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-server-debuginfo@3.10.3-12.el10_2.2?arch=s390x&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
                "product": {
                  "name": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
                  "product_id": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libwinpr-debuginfo@3.10.3-12.el10_2.2?arch=s390x&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
                "product": {
                  "name": "freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
                  "product_id": "freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-devel@3.10.3-12.el10_2.2?arch=s390x&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-server-2:3.10.3-12.el10_2.2.s390x",
                "product": {
                  "name": "freerdp-server-2:3.10.3-12.el10_2.2.s390x",
                  "product_id": "freerdp-server-2:3.10.3-12.el10_2.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-server@3.10.3-12.el10_2.2?arch=s390x&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
                "product": {
                  "name": "libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
                  "product_id": "libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libwinpr-devel@3.10.3-12.el10_2.2?arch=s390x&epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "freerdp-2:3.10.3-12.el10_2.2.x86_64",
                "product": {
                  "name": "freerdp-2:3.10.3-12.el10_2.2.x86_64",
                  "product_id": "freerdp-2:3.10.3-12.el10_2.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp@3.10.3-12.el10_2.2?arch=x86_64&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
                "product": {
                  "name": "freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
                  "product_id": "freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-libs@3.10.3-12.el10_2.2?arch=x86_64&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libwinpr-2:3.10.3-12.el10_2.2.x86_64",
                "product": {
                  "name": "libwinpr-2:3.10.3-12.el10_2.2.x86_64",
                  "product_id": "libwinpr-2:3.10.3-12.el10_2.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libwinpr@3.10.3-12.el10_2.2?arch=x86_64&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
                "product": {
                  "name": "freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
                  "product_id": "freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-debugsource@3.10.3-12.el10_2.2?arch=x86_64&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
                "product": {
                  "name": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
                  "product_id": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-debuginfo@3.10.3-12.el10_2.2?arch=x86_64&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
                "product": {
                  "name": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
                  "product_id": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@3.10.3-12.el10_2.2?arch=x86_64&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
                "product": {
                  "name": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
                  "product_id": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-server-debuginfo@3.10.3-12.el10_2.2?arch=x86_64&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
                "product": {
                  "name": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
                  "product_id": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libwinpr-debuginfo@3.10.3-12.el10_2.2?arch=x86_64&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
                "product": {
                  "name": "freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
                  "product_id": "freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-devel@3.10.3-12.el10_2.2?arch=x86_64&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
                "product": {
                  "name": "freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
                  "product_id": "freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freerdp-server@3.10.3-12.el10_2.2?arch=x86_64&epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64",
                "product": {
                  "name": "libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64",
                  "product_id": "libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libwinpr-devel@3.10.3-12.el10_2.2?arch=x86_64&epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-2:3.10.3-12.el10_2.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64"
        },
        "product_reference": "freerdp-2:3.10.3-12.el10_2.2.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-2:3.10.3-12.el10_2.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le"
        },
        "product_reference": "freerdp-2:3.10.3-12.el10_2.2.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-2:3.10.3-12.el10_2.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x"
        },
        "product_reference": "freerdp-2:3.10.3-12.el10_2.2.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-2:3.10.3-12.el10_2.2.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src"
        },
        "product_reference": "freerdp-2:3.10.3-12.el10_2.2.src",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-2:3.10.3-12.el10_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64"
        },
        "product_reference": "freerdp-2:3.10.3-12.el10_2.2.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64"
        },
        "product_reference": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le"
        },
        "product_reference": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x"
        },
        "product_reference": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64"
        },
        "product_reference": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64"
        },
        "product_reference": "freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le"
        },
        "product_reference": "freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x"
        },
        "product_reference": "freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64"
        },
        "product_reference": "freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-libs-2:3.10.3-12.el10_2.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64"
        },
        "product_reference": "freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le"
        },
        "product_reference": "freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-libs-2:3.10.3-12.el10_2.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x"
        },
        "product_reference": "freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-libs-2:3.10.3-12.el10_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64"
        },
        "product_reference": "freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64"
        },
        "product_reference": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le"
        },
        "product_reference": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x"
        },
        "product_reference": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64"
        },
        "product_reference": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64"
        },
        "product_reference": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le"
        },
        "product_reference": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x"
        },
        "product_reference": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64"
        },
        "product_reference": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libwinpr-2:3.10.3-12.el10_2.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64"
        },
        "product_reference": "libwinpr-2:3.10.3-12.el10_2.2.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libwinpr-2:3.10.3-12.el10_2.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le"
        },
        "product_reference": "libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libwinpr-2:3.10.3-12.el10_2.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x"
        },
        "product_reference": "libwinpr-2:3.10.3-12.el10_2.2.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libwinpr-2:3.10.3-12.el10_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64"
        },
        "product_reference": "libwinpr-2:3.10.3-12.el10_2.2.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64"
        },
        "product_reference": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le"
        },
        "product_reference": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x"
        },
        "product_reference": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
          "product_id": "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64"
        },
        "product_reference": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
        "relates_to_product_reference": "AppStream-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64"
        },
        "product_reference": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le"
        },
        "product_reference": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x"
        },
        "product_reference": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64"
        },
        "product_reference": "freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64"
        },
        "product_reference": "freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le"
        },
        "product_reference": "freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x"
        },
        "product_reference": "freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64"
        },
        "product_reference": "freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-devel-2:3.10.3-12.el10_2.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64"
        },
        "product_reference": "freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le"
        },
        "product_reference": "freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-devel-2:3.10.3-12.el10_2.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x"
        },
        "product_reference": "freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-devel-2:3.10.3-12.el10_2.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64"
        },
        "product_reference": "freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64"
        },
        "product_reference": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le"
        },
        "product_reference": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x"
        },
        "product_reference": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64"
        },
        "product_reference": "freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-server-2:3.10.3-12.el10_2.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64"
        },
        "product_reference": "freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-server-2:3.10.3-12.el10_2.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le"
        },
        "product_reference": "freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-server-2:3.10.3-12.el10_2.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x"
        },
        "product_reference": "freerdp-server-2:3.10.3-12.el10_2.2.s390x",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-server-2:3.10.3-12.el10_2.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64"
        },
        "product_reference": "freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64"
        },
        "product_reference": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le"
        },
        "product_reference": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x"
        },
        "product_reference": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64"
        },
        "product_reference": "freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64"
        },
        "product_reference": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le"
        },
        "product_reference": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x"
        },
        "product_reference": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64"
        },
        "product_reference": "libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64"
        },
        "product_reference": "libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le"
        },
        "product_reference": "libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libwinpr-devel-2:3.10.3-12.el10_2.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x"
        },
        "product_reference": "libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
        "relates_to_product_reference": "CRB-10.2.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
          "product_id": "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
        },
        "product_reference": "libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64",
        "relates_to_product_reference": "CRB-10.2.Z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-22852",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "discovery_date": "2026-01-14T18:01:37.291284+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2429654"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A heap based buffer overflow has been discovered in FreeRDP. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format lists. audin_process_formats reuses callback->formats_count across multiple MSG_SNDIN_FORMATS PDUs and writes past the newly allocated formats array, causing memory corruption and a crash.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "freerdp: FreeRDP heap-buffer-overflow",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-22852"
        },
        {
          "category": "external",
          "summary": "RHBZ#2429654",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429654"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-22852",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-22852"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22852",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22852"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
          "url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9chc-g79v-4qq4",
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9chc-g79v-4qq4"
        }
      ],
      "release_date": "2026-01-14T17:45:22.253000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T13:29:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19033"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "freerdp: FreeRDP heap-buffer-overflow"
    },
    {
      "cve": "CVE-2026-22853",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "discovery_date": "2026-01-14T18:01:01.893015+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2429647"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A heap based buffer overflow flaw has been discovered in FreeRDP. In affected versions RDPEAR’s NDR array reader does not perform bounds checking on the on‑wire element count and can write past the heap buffer allocated from hints, causing a heap buffer overflow in ndr_read_uint8Array.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "freerdp: FreeRDP heap-buffer-overflow",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat products in their default configuration employ Address Space Layout Randomization (ASLR) which drastically increases the complexity of the successful exploitation of this flaw.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-22853"
        },
        {
          "category": "external",
          "summary": "RHBZ#2429647",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429647"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-22853",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-22853"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22853",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22853"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
          "url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-47v9-p4gp-w5ch",
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-47v9-p4gp-w5ch"
        }
      ],
      "release_date": "2026-01-14T17:46:50.159000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T13:29:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19033"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "freerdp: FreeRDP heap-buffer-overflow"
    },
    {
      "cve": "CVE-2026-22854",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "discovery_date": "2026-01-14T18:01:27.671391+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2429652"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "freerdp: FreeRDP heap-buffer-overflow",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat products in their default configuration employ Address Space Layout Randomization (ASLR) which drastically increases the complexity of the successful exploitation of this flaw.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-22854"
        },
        {
          "category": "external",
          "summary": "RHBZ#2429652",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429652"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-22854",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-22854"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22854",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22854"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
          "url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-47vj-g3c3-3rmf",
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-47vj-g3c3-3rmf"
        }
      ],
      "release_date": "2026-01-14T17:47:49.588000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T13:29:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19033"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "freerdp: FreeRDP heap-buffer-overflow"
    },
    {
      "cve": "CVE-2026-22855",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "discovery_date": "2026-01-14T18:00:47.363663+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2429645"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A heap based buffer overflow has been discovered in FreeRDP. This heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "freerdp: FreeRDP heap-buffer-overflow",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat products in their default configuration employ Address Space Layout Randomization (ASLR) which drastically increases the complexity of the successful exploitation of this flaw.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-22855"
        },
        {
          "category": "external",
          "summary": "RHBZ#2429645",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429645"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-22855",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-22855"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22855",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22855"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
          "url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rwp3-g84r-6mx9",
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rwp3-g84r-6mx9"
        }
      ],
      "release_date": "2026-01-14T17:50:06.209000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T13:29:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19033"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "freerdp: FreeRDP heap-buffer-overflow"
    },
    {
      "cve": "CVE-2026-22856",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2026-01-14T18:01:14.358085+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2429650"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A heap use after free flaw has been discovered in FreeRDP. A race in the serial channel IRP thread tracking allows a heap use‑after‑free when one thread removes an entry from serial->IrpThreads while another reads it.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "freerdp: FreeRDP heap-use-after-free",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-22856"
        },
        {
          "category": "external",
          "summary": "RHBZ#2429650",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429650"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-22856",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-22856"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22856",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22856"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
          "url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-w842-c386-fxhv",
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-w842-c386-fxhv"
        }
      ],
      "release_date": "2026-01-14T17:53:04.756000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T13:29:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19033"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "freerdp: FreeRDP heap-use-after-free"
    },
    {
      "cve": "CVE-2026-22858",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "discovery_date": "2026-01-14T18:00:52.497801+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2429649"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A global buffer overflow flaw has been discovered in FreeRDP. This global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c <= 0 can be optimized into a simple c != 0 check. As a result, non-ASCII bytes (e.g., 0x80-0xFF) may bypass the intended range restriction and be used as an index into a global lookup table, causing out-of-bounds access.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "freerdp: FreeRDP global-buffer-overflow",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat products in their default configuration employ Address Space Layout Randomization (ASLR) which drastically increases the complexity of the successful exploitation of this flaw.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-22858"
        },
        {
          "category": "external",
          "summary": "RHBZ#2429649",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429649"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-22858",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-22858"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22858",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22858"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
          "url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qmqf-m84q-x896",
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qmqf-m84q-x896"
        }
      ],
      "release_date": "2026-01-14T17:56:29.729000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T13:29:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19033"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "freerdp: FreeRDP global-buffer-overflow"
    },
    {
      "cve": "CVE-2026-22859",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "discovery_date": "2026-01-14T18:01:32.314446+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2429653"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A heap based buffer overflow has been discovered in FreeRDP. In affected versions the URBDRC client does not perform bounds checking on server‑supplied MSUSB_INTERFACE_DESCRIPTOR values and uses them as indices in libusb_udev_complete_msconfig_setup, causing an out‑of‑bounds read.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "freerdp: FreeRDP heap-buffer-overflow",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat products in their default configuration employ Address Space Layout Randomization (ASLR) which drastically increases the complexity of the successful exploitation of this flaw.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-22859"
        },
        {
          "category": "external",
          "summary": "RHBZ#2429653",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429653"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-22859",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-22859"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22859",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22859"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
          "url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-56f5-76qv-2r36",
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-56f5-76qv-2r36"
        }
      ],
      "release_date": "2026-01-14T17:57:37+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T13:29:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19033"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "freerdp: FreeRDP heap-buffer-overflow"
    },
    {
      "cve": "CVE-2026-23732",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "discovery_date": "2026-01-19T18:01:18.943425+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2430881"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in FreeRDP. A malicious server can exploit a vulnerability in FastGlyph parsing, which improperly trusts data length without sufficient validation. This can lead to a client-side global buffer overflow, resulting in a denial of service (DoS) due to a crash. For this vulnerability to be exploited, a client must connect to a maliciously-configured server.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "For this vulnerability to be exploited, a client must connect to a maliciously-configured server. Red Hat recommends that FreeRDP clients are only used to connect to trusted servers.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-23732"
        },
        {
          "category": "external",
          "summary": "RHBZ#2430881",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430881"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-23732",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-23732"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23732",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23732"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/cache/glyph.c#L463-L480",
          "url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/cache/glyph.c#L463-L480"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/codec/color.c#L261-L277",
          "url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/codec/color.c#L261-L277"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/graphics.c#L138",
          "url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/graphics.c#L138"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/orders.c#L2186C17-L2199",
          "url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/orders.c#L2186C17-L2199"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0",
          "url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7qxp-j2fj-c3pp",
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7qxp-j2fj-c3pp"
        }
      ],
      "release_date": "2026-01-19T17:12:57.772000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T13:29:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19033"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow"
    },
    {
      "cve": "CVE-2026-23948",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2026-02-09T20:01:35.778373+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2438207"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdp_write_logon_info_v2() allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-23948"
        },
        {
          "category": "external",
          "summary": "RHBZ#2438207",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438207"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-23948",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-23948"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23948",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23948"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/commit/4d44e3c097656a8b9ec696353647b0888ca45860",
          "url": "https://github.com/FreeRDP/FreeRDP/commit/4d44e3c097656a8b9ec696353647b0888ca45860"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6f3c-qvqq-2px5",
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6f3c-qvqq-2px5"
        }
      ],
      "release_date": "2026-02-09T18:12:00.737000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T13:29:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19033"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()"
    },
    {
      "cve": "CVE-2026-24491",
      "cwe": {
        "id": "CWE-825",
        "name": "Expired Pointer Dereference"
      },
      "discovery_date": "2026-02-09T20:01:21.676057+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2438202"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use after free flaw has been discovered in FreeRDP. The video_timer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client‑side heap use after free causing a crash (DoS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "freerdp: FreeRDP has a heap-use-after-free in video_timer",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-24491"
        },
        {
          "category": "external",
          "summary": "RHBZ#2438202",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438202"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-24491",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-24491"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24491",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24491"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/commit/e02e052f6692550e539d10f99de9c35a23492db2",
          "url": "https://github.com/FreeRDP/FreeRDP/commit/e02e052f6692550e539d10f99de9c35a23492db2"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4x6j-w49r-869g",
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4x6j-w49r-869g"
        }
      ],
      "release_date": "2026-02-09T18:13:44.302000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T13:29:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19033"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "freerdp: FreeRDP has a heap-use-after-free in video_timer"
    },
    {
      "cve": "CVE-2026-24675",
      "cwe": {
        "id": "CWE-825",
        "name": "Expired Pointer Dereference"
      },
      "discovery_date": "2026-02-09T20:02:21.865304+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2438221"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A heap buffer use after free has been discovered in FreeRDP. urb_select_interface can free the device's MS config on error but later code still dereferences it, leading to a use after free in libusb_udev_select_interface.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-24675"
        },
        {
          "category": "external",
          "summary": "RHBZ#2438221",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438221"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-24675",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-24675"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24675",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24675"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/commit/d676518809c319eec15911c705c13536036af2ae",
          "url": "https://github.com/FreeRDP/FreeRDP/commit/d676518809c319eec15911c705c13536036af2ae"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x9jr-99h2-g7mj",
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x9jr-99h2-g7mj"
        }
      ],
      "release_date": "2026-02-09T18:14:40.667000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T13:29:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19033"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface"
    },
    {
      "cve": "CVE-2026-24676",
      "cwe": {
        "id": "CWE-825",
        "name": "Expired Pointer Dereference"
      },
      "discovery_date": "2026-02-09T20:01:18.996877+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2438201"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use after free flaw was found in FreeRDP. AUDIN format renegotiation frees the active format list while the capture thread continues using audin->format, leading to a use after free in audio_format_compatible. A malicious server can trigger a client‑side heap use after free causing a crash.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-24676"
        },
        {
          "category": "external",
          "summary": "RHBZ#2438201",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438201"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-24676",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-24676"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24676",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24676"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/commit/026b81ae5831ac1598d8f7371e0d0996fac7db00",
          "url": "https://github.com/FreeRDP/FreeRDP/commit/026b81ae5831ac1598d8f7371e0d0996fac7db00"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qh5p-frq4-pgxj",
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qh5p-frq4-pgxj"
        }
      ],
      "release_date": "2026-02-09T18:15:33.646000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T13:29:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19033"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation"
    },
    {
      "cve": "CVE-2026-24678",
      "cwe": {
        "id": "CWE-825",
        "name": "Expired Pointer Dereference"
      },
      "discovery_date": "2026-02-09T20:01:06.670438+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2438197"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service flaw has been found in FreeRDP. A capture thread sends sample responses using a freed channel callback after a device channel close, leading to a use after free in ecam_channel_write.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "freerdp: FreeRDP: Denial of Service via use after free in ecam_channel_write",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-24678"
        },
        {
          "category": "external",
          "summary": "RHBZ#2438197",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438197"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-24678",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-24678"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24678",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24678"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/commit/f3ab1a16139036179d9852745fdade18fec11600",
          "url": "https://github.com/FreeRDP/FreeRDP/commit/f3ab1a16139036179d9852745fdade18fec11600"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6gvg-29wx-6v7h",
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6gvg-29wx-6v7h"
        }
      ],
      "release_date": "2026-02-09T18:17:27.040000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T13:29:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19033"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "freerdp: FreeRDP: Denial of Service via use after free in ecam_channel_write"
    },
    {
      "cve": "CVE-2026-24679",
      "cwe": {
        "id": "CWE-1285",
        "name": "Improper Validation of Specified Index, Position, or Offset in Input"
      },
      "discovery_date": "2026-02-09T20:02:08.618280+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2438217"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A heap buffer overflow has been discovered in FreeRDP. The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusb_udev_select_interface.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-24679"
        },
        {
          "category": "external",
          "summary": "RHBZ#2438217",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438217"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-24679",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-24679"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24679",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24679"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/commit/2d563a50be17c1b407ca448b1321378c0726dd31",
          "url": "https://github.com/FreeRDP/FreeRDP/commit/2d563a50be17c1b407ca448b1321378c0726dd31"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-2jp4-67x6-gv7x",
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-2jp4-67x6-gv7x"
        }
      ],
      "release_date": "2026-02-09T18:19:00.409000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T13:29:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19033"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface"
    },
    {
      "cve": "CVE-2026-24681",
      "cwe": {
        "id": "CWE-825",
        "name": "Expired Pointer Dereference"
      },
      "discovery_date": "2026-02-09T20:01:45.088999+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2438210"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A heap buffer use after free has been discovered in FreeRDP. Asynchronous bulk transfer completions can use a freed channel callback after URBDRC channel close, leading to a use after free in urb_write_completion.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-24681"
        },
        {
          "category": "external",
          "summary": "RHBZ#2438210",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438210"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-24681",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-24681"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24681",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24681"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/commit/414f701464929c217f2509bcbd6d2c1f00f7ed73",
          "url": "https://github.com/FreeRDP/FreeRDP/commit/414f701464929c217f2509bcbd6d2c1f00f7ed73"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-ccvv-hg2w-6x9j",
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-ccvv-hg2w-6x9j"
        }
      ],
      "release_date": "2026-02-09T18:20:39.732000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T13:29:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19033"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb"
    },
    {
      "cve": "CVE-2026-24682",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "discovery_date": "2026-02-09T20:01:54.069961+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2438212"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A heap buffer overflow has been discovered in FreeRDP. audin_server_recv_formats frees an incorrect number of audio formats on parse failure (i + i), leading to out-of-bounds access in audio_formats_free.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "freerdp: FreeRDP has a Heap-buffer-overflow in audio_formats_free",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-24682"
        },
        {
          "category": "external",
          "summary": "RHBZ#2438212",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438212"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-24682",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-24682"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24682",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24682"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/commit/1c5c74223179d425a1ce6dbbb6a3dd2a958b7aee",
          "url": "https://github.com/FreeRDP/FreeRDP/commit/1c5c74223179d425a1ce6dbbb6a3dd2a958b7aee"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vcw2-pqgw-mx6g",
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vcw2-pqgw-mx6g"
        }
      ],
      "release_date": "2026-02-09T18:21:39.733000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T13:29:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19033"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "freerdp: FreeRDP has a Heap-buffer-overflow in audio_formats_free"
    },
    {
      "cve": "CVE-2026-24683",
      "cwe": {
        "id": "CWE-825",
        "name": "Expired Pointer Dereference"
      },
      "discovery_date": "2026-02-09T20:02:05.563918+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2438216"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A heap buffer use after free has been discovered in FreeRDP. ainput_send_input_event caches channel_callback in a local variable and later uses it without synchronization; a concurrent channel close can free or reinitialize the callback, leading to a use after free.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-24683"
        },
        {
          "category": "external",
          "summary": "RHBZ#2438216",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438216"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-24683",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-24683"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24683",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24683"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/commit/d9ca272dce7a776ab475e9b1a8e8c3d2968c8486",
          "url": "https://github.com/FreeRDP/FreeRDP/commit/d9ca272dce7a776ab475e9b1a8e8c3d2968c8486"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-45pf-68pj-fg8q",
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-45pf-68pj-fg8q"
        }
      ],
      "release_date": "2026-02-09T18:22:17.636000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T13:29:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19033"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event"
    },
    {
      "cve": "CVE-2026-24684",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "discovery_date": "2026-02-09T20:01:39.156545+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2438208"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A heap use after free has been discovered in FreeRDP. The RDPSND async playback thread can process queued PDUs after the channel is closed and internal state is freed, leading to a use after free in rdpsnd_treat_wave.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "freerdp: FreeRDP has a Heap-use-after-free in play_thread",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-24684"
        },
        {
          "category": "external",
          "summary": "RHBZ#2438208",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438208"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-24684",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-24684"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24684",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24684"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/commit/622bb7b4402491ca003f47472d0e478132673696",
          "url": "https://github.com/FreeRDP/FreeRDP/commit/622bb7b4402491ca003f47472d0e478132673696"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/commit/afa6851dc80835d3101e40fcef51b6c5c0f43ea5",
          "url": "https://github.com/FreeRDP/FreeRDP/commit/afa6851dc80835d3101e40fcef51b6c5c0f43ea5"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vcgv-xgjp-h83q",
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vcgv-xgjp-h83q"
        }
      ],
      "release_date": "2026-02-09T18:23:02.882000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T13:29:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19033"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "freerdp: FreeRDP has a Heap-use-after-free in play_thread"
    },
    {
      "cve": "CVE-2026-26955",
      "cwe": {
        "id": "CWE-805",
        "name": "Buffer Access with Incorrect Length Value"
      },
      "discovery_date": "2026-02-26T21:03:46.682470+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2443132"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP). A malicious RDP server can exploit a heap buffer overflow vulnerability by sending a specially crafted graphics command to a FreeRDP client. This allows the server to write data outside of its intended memory region, potentially leading to arbitrary code execution on the client system. The vulnerability occurs because the client does not properly validate the dimensions of incoming graphics commands.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "freerdp: FreeRDP: Arbitrary code execution via heap buffer overflow in GDI surface pipeline",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "A malicous RDP server may lead a heap buffer overflow in FreeRDP when the client is using the GDI surface pipeline. This happens when the server send a maliciously crafted RDPGFX ClearCodec command. When interpreting the command FreeRDP fails to validate the whether rectangle described by it falls within the destination surface dimension allowing the attacker to overwrite the surface data buffer without any boundaries check. Depending on the memory layout of the freerdp client's process it's possible to corrupt adjacent points leading to a remote code execution or force the freerdp client to crash.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-26955"
        },
        {
          "category": "external",
          "summary": "RHBZ#2443132",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2443132"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-26955",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-26955"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-26955",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26955"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/commit/7d8fdce2d0ef337cb86cb37fc0c436c905e04d77",
          "url": "https://github.com/FreeRDP/FreeRDP/commit/7d8fdce2d0ef337cb86cb37fc0c436c905e04d77"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mr6w-ch7c-mqqj",
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mr6w-ch7c-mqqj"
        }
      ],
      "release_date": "2026-02-25T20:47:14.660000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T13:29:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19033"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, avoid connecting to untrusted or unverified RDP servers. Users should only establish RDP connections with known and trusted servers. If connecting to untrusted servers is unavoidable, consider using a sandbox environment or a dedicated, isolated system for such connections to limit potential impact.",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "freerdp: FreeRDP: Arbitrary code execution via heap buffer overflow in GDI surface pipeline"
    },
    {
      "cve": "CVE-2026-26965",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "discovery_date": "2026-02-26T06:01:11.806254+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2442959"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP). A malicious RDP server can exploit a heap out-of-bounds write vulnerability in the `planar_decompress_plane_rle()` function. This vulnerability allows the server to write past the end of a temporary buffer, potentially overwriting critical data such as function pointers. This can lead to arbitrary code execution on the connecting FreeRDP client.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write in RLE planar decode path",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-26965"
        },
        {
          "category": "external",
          "summary": "RHBZ#2442959",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442959"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-26965",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-26965"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-26965",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26965"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/commit/a0be5cb87d760bb1c803ad1bb835aa1e73e62abc",
          "url": "https://github.com/FreeRDP/FreeRDP/commit/a0be5cb87d760bb1c803ad1bb835aa1e73e62abc"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5vgf-mw4f-r33h",
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5vgf-mw4f-r33h"
        }
      ],
      "release_date": "2026-02-25T20:59:17.828000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T13:29:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19033"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write in RLE planar decode path"
    },
    {
      "cve": "CVE-2026-31806",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "discovery_date": "2026-03-13T18:02:52.800795+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2447376"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP). The `gdi_surface_bits()` function, which processes `SURFACE_BITS_COMMAND` messages, does not properly validate image dimensions (`bmp.width` and `bmp.height`) provided by a malicious RDP server. This can lead to a heap buffer overflow during bitmap decoding and memory operations. A remote attacker could exploit this to overwrite adjacent memory, potentially resulting in arbitrary code execution.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "For this vulnerability to be exploited, a susceptible system must connect to a malicious server. For that reason, Red Hat recommends that you only use FreeRDP to connect to trusted servers.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-31806"
        },
        {
          "category": "external",
          "summary": "RHBZ#2447376",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447376"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-31806",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-31806"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-31806",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31806"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/commit/83d9aedea278a74af3e490ff5eeb889c016dbb2b",
          "url": "https://github.com/FreeRDP/FreeRDP/commit/83d9aedea278a74af3e490ff5eeb889c016dbb2b"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrqm-46rj-cmx2",
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrqm-46rj-cmx2"
        }
      ],
      "release_date": "2026-03-13T17:40:19.920000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T13:29:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19033"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages"
    },
    {
      "cve": "CVE-2026-33983",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2026-03-30T22:01:29.031189+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2453220"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP). A remote attacker could exploit this vulnerability by sending a specially crafted RDP message. This can lead to an undefined behavior where a wrapped value is used as a shift exponent, causing an approximately 80 billion iteration loop. This results in a Denial of Service (DoS) due to excessive CPU utilization.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "FreeRDP: FreeRDP: Denial of Service via specially crafted Remote Desktop Protocol messages",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-33983"
        },
        {
          "category": "external",
          "summary": "RHBZ#2453220",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453220"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-33983",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-33983"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33983",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33983"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/commit/78188ab479c8e6eb9ba2475b3732c76b4bbe5425",
          "url": "https://github.com/FreeRDP/FreeRDP/commit/78188ab479c8e6eb9ba2475b3732c76b4bbe5425"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4gfm-4p52-h478",
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4gfm-4p52-h478"
        }
      ],
      "release_date": "2026-03-30T21:42:27.798000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T13:29:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19033"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "FreeRDP: FreeRDP: Denial of Service via specially crafted Remote Desktop Protocol messages"
    },
    {
      "cve": "CVE-2026-33984",
      "cwe": {
        "id": "CWE-131",
        "name": "Incorrect Calculation of Buffer Size"
      },
      "discovery_date": "2026-03-30T22:01:24.523166+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2453219"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a heap buffer overflow vulnerability in the `resize_vbar_entry()` function. This occurs when an error in buffer resizing leads to attacker-controlled pixel data being written into an undersized memory buffer. Successful exploitation could result in arbitrary code execution.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
          "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
          "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-33984"
        },
        {
          "category": "external",
          "summary": "RHBZ#2453219",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453219"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-33984",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-33984"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33984",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33984"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/commit/dc7fdb165095139be779a4000199bc1706b06ad5",
          "url": "https://github.com/FreeRDP/FreeRDP/commit/dc7fdb165095139be779a4000199bc1706b06ad5"
        },
        {
          "category": "external",
          "summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8469-2xcx-frf6",
          "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8469-2xcx-frf6"
        }
      ],
      "release_date": "2026-03-30T21:42:57.090000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-19T13:29:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:19033"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.src",
            "AppStream-10.2.Z:freerdp-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-2:3.10.3-12.el10_2.2.x86_64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "AppStream-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-debugsource-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-devel-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-libs-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:freerdp-server-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-debuginfo-2:3.10.3-12.el10_2.2.x86_64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.aarch64",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.ppc64le",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.s390x",
            "CRB-10.2.Z:libwinpr-devel-2:3.10.3-12.el10_2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data"
    }
  ]
}