https://feed.craftedsignal.io/tags/cve-2026-33982/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioMon, 30 Mar 2026 22:16:19 +0000https://feed.craftedsignal.io/briefs/2026-03-freerdp-heap-overflow/Mon, 30 Mar 2026 22:16:19 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-freerdp-heap-overflow/A heap-buffer-overflow read vulnerability exists in FreeRDP versions prior to 3.24.2, specifically in the winpr_aligned_offset_recalloc() function, potentially leading to denial of service or information disclosure.<p>CVE-2026-33982 is a heap-buffer-overflow READ vulnerability affecting FreeRDP, a widely used open-source implementation of the Remote Desktop Protocol (RDP). The vulnerability exists in versions prior to 3.24.2 and is located within the <code>winpr_aligned_offset_recalloc()</code> function. Specifically, the flaw occurs due to an out-of-bounds read 24 bytes before the allocated buffer, which could be triggered during specific RDP operations involving memory reallocation. Successful exploitation can lead…</p> mediumadvisoryfreerdpheap-buffer-overflowcve-2026-33982rdp