CVE-2026-27951
Received Received - Intake
Infinite Loop Vulnerability in FreeRDP Stream_EnsureCapacity Function

Publication date: 2026-02-25

Last updated on: 2026-02-27

Assigner: GitHub, Inc.

Description
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the function `Stream_EnsureCapacity` can create an endless blocking loop. This may affect all client and server implementations using `FreeRDP`. For practical exploitation this will only work on 32bit systems where the available physical memory is `>= SIZE_MAX`. Version 3.23.0 contains a patch. No known workarounds are available.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-25
Last Modified
2026-02-27
Generated
2026-06-16
AI Q&A
2026-02-26
EPSS Evaluated
2026-06-14
NVD
CVE-2026-27951
EUVD
EUVD-2026-8755
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
freerdp freerdp to 3.23.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-190 The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in FreeRDP, a free implementation of the Remote Desktop Protocol. Before version 3.23.0, the function Stream_EnsureCapacity can cause an endless blocking loop. This means that when this function is called, it may get stuck indefinitely, causing the program to hang.

The issue affects all client and server implementations using FreeRDP. However, practical exploitation is limited to 32-bit systems where the available physical memory is greater than or equal to SIZE_MAX.

Version 3.23.0 of FreeRDP contains a patch that fixes this vulnerability, and there are no known workarounds available.

Impact Analysis

The vulnerability can cause an endless blocking loop in FreeRDP, which may lead to a denial of service condition by making the affected client or server hang indefinitely.

This impact is limited to 32-bit systems with very large amounts of physical memory (greater than or equal to SIZE_MAX).

The CVSS v3.1 base score is 5.3, indicating a medium severity primarily due to availability impact without affecting confidentiality or integrity.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

To mitigate this vulnerability, you should upgrade FreeRDP to version 3.23.0 or later, as this version contains the patch that fixes the issue.

No known workarounds are available, so applying the update is the recommended immediate step.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-27951. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart