Home / Vulnerability Intelligence / CVE-2026-25952

CVE-2026-25952 - Vulnerability Analysis

CriticalCVSS: 9.8

Last Updated: February 27, 2026

FreeRDP - Use After Free

Published: February 25, 2026Updated: February 27, 2026PoC AvailableRemote Exploitable

Overview

FreeRDP prior to 3.23.0 contains a use-after-free vulnerability caused by concurrent access to an unprotected pointer in the railWindows hash table, letting attackers cause memory corruption or denial of service, exploit requires concurrent RAIL channel usage.

Severity & Score

Severity: Critical

CVSS Score: 9.8

EPSS Score: 8.8%(Probability of exploitation in next 30 days)

Impact

Attackers can cause memory corruption or denial of service, potentially crashing the application or executing arbitrary code.

Mitigation

Update to version 3.23.0 or later.

References

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Mar 1, 2026

🔴 CVE-2026-25952 - Critical (9.8) FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_SetWindowMinMaxInfo` dereferences a freed `xfAppWindow` pointer because `xf_rail_get_window` in `xf_rail_server_min_max_info` returns an unprotected poin... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25952/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2026-25952
Severity: Critical
CVSS Score: 9.8
Type: use_after_free
Status: confirmed
EPSS: 8.8%
Social Posts: 1

CWE

CWE-416

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

8.8%Probability of exploitation in the next 30 days