CVE-2026-31897 NONE

CVE-2026-31897: FreeRDP has an out-of-bounds read in `freerdp_bitmap_decompress_planar`

Vendor: Freerdp
Product: FreeRDP
Weakness: CWE-125
Published: March 13, 2026
Last update: March 13, 2026

CVSS base score

0.0/10
Attack vector: Network
Attack complexity: Low
Privileges required: None
User interaction: Required
Confidentiality: None
Integrity: None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N

What the vulnerability does

01 Description

FreeRDP is a free implementation of the Remote Desktop Protocol. In versions prior to 3.24.0, there is an out-of-bounds read in `freerdp_bitmap_decompress_planar` when `SrcSize` is 0. The function dereferences `*srcp` (which points to `pSrcData`) without first verifying that `SrcSize >= 1`. When `SrcSize` is 0 and `pSrcData` is non-NULL, this reads one byte past the end of the source buffer. This vulnerability is fixed in 3.24.0.
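The missing guard described above, shown as an added sketch that is not FreeRDP's source or its actual patch: the unchecked read beside a form that validates the remaining size before every dereference. Only `pSrcData`, `SrcSize` and `srcp` come from the advisory; the cursor type and all function names are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Constructed sketch, not FreeRDP code. Hypothetical names throughout,
 * except pSrcData, SrcSize and srcp, which mirror the advisory text. */

typedef struct { const uint8_t* p; size_t left; } src_cursor;

/* Start a cursor; a NULL pointer is treated as an empty buffer. */
src_cursor src_begin(const uint8_t* pSrcData, size_t SrcSize)
{
    src_cursor c = { pSrcData, pSrcData ? SrcSize : 0 };
    return c;
}

/* Take one byte only if at least one byte remains. */
bool src_take_u8(src_cursor* c, uint8_t* out)
{
    if (c->left < 1)
        return false;
    *out = *c->p++;
    c->left--;
    return true;
}

/* "Before" pattern from the advisory: *srcp is read with no SrcSize check. */
bool header_unchecked(const uint8_t* pSrcData, size_t SrcSize, uint8_t* hdr)
{
    const uint8_t* srcp = pSrcData;
    (void)SrcSize;
    *hdr = *srcp; /* out-of-bounds read when SrcSize == 0 */
    return true;
}

/* Hardened form: SrcSize == 0 is rejected before any dereference. */
bool header_checked(const uint8_t* pSrcData, size_t SrcSize, uint8_t* hdr)
{
    src_cursor c = src_begin(pSrcData, SrcSize);
    return src_take_u8(&c, hdr);
}
```

Routing every read through a size-tracking cursor makes the zero-length case fail closed instead of depending on each call site remembering its own check.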

Key dates

02 Disclosure timeline

March 13, 2026: CVE published
March 13, 2026: Record updated