Vendor
A use-after-free vulnerability (CVE-2026-56297) in the FreeRDP client before version 3.22.0 allows a malicious RDP server to achieve remote code execution or denial of service on connecting clients by triggering a race condition through concurrent DYNVC_DATA and DYNVC_CLOSE messages.