FreeRDP, an open-source RDP client, contains multiple security vulnerabilities including denial of service via use-after-free (CVE-2026-25952), double free during disconnect (CVE-2026-26986), endless blocking loop in Stream_EnsureCapacity (CVE-2026-27951), heap-buffer-overflow in bitmap_cache_put (CVE-2026-29775), out-of-bounds read in ADPCM decoders due to missing bounds checks (CVE-2026-31885), division-by-zero in ADPCM decoders when nBlockAlign is zero (CVE-2026-31884), denial of service via crafted audio data (CVE-2026-31883), and information disclosure via heap memory out-of-bounds read (CVE-2026-33985). These vulnerabilities have been addressed in updated packages provided by Red Hat for their Enterprise Linux 7 Extended Lifecycle Support. The advisory rates the overall security impact as Moderate.

The vulnerabilities can lead to denial of service conditions through various memory corruption and logic errors, including use-after-free, double free, endless loops, and crafted data inputs. There is also potential for information disclosure due to out-of-bounds heap reads. These impacts could disrupt RDP client operations or leak sensitive memory contents. No known exploits in the wild have been reported at this time.

Red Hat has released updated freerdp packages for Red Hat Enterprise Linux 7 Extended Lifecycle Support that address these vulnerabilities. Users should apply these official security updates as detailed in the Red Hat advisory RHSA-2026:20546 (https://access.redhat.com/errata/RHSA-2026:20546) and the update instructions at https://access.redhat.com/articles/11258. Applying these updates will mitigate the described security issues. No additional vendor-recommended mitigations are indicated.