vulnerability context

CVE-2026-40033

CVSS 8.8 HIGHEPSS 21%CWE-122

FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdi_CacheToSurface that allows remote attackers to write out-of-bounds heap memory. The vulnerability occurs because rectangle validation clamps coordinates to UINT16_MAX but performs copy operations using unclamped cache entry dimensions, enabling malicious RDP servers to trigger large out-of-bounds writes and potentially achieve remote code execution or client crash.

Published 2026-05-26 · last modified 2026-05-27

details

CISA KEV status: Not in catalog
CVSS v3: 8.8 / HIGH
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS: 21% percentile (score 0.0007)
CWE: CWE-122

View on NVD → · cve.org

source mentions 2

[CyberHub] 📌 CVE-2026-40033 - FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdi_CacheToSurface that al...Bluesky:@cyberhub.blog · 13d ago
[CVE Alerts ] CVE-2026-40033 - FreeRDP - Heap-buffer-overflow in gdi_CacheToSurface via rectangle validation bypass CVE ID : CVE-2...Bluesky · 14d ago

source consensus

Bluesky:@cyberhub.blog1×
Bluesky1×

Want the 3-bullet summary of CVE-2026-40033, plus webhook alerts when KEV is updated? Pro is $10/mo.

Open in reader See Pro →