{ "schema_version": "1.7.0", "id": "RHSA-2026:16014", "related": [], "upstream": [ "CVE-2026-25952", "CVE-2026-25997", "CVE-2026-26986", "CVE-2026-29775", "CVE-2026-31883", "CVE-2026-31884", "CVE-2026-31885", "CVE-2026-33982", "CVE-2026-33985", "CVE-2026-33987" ], "published": "2026-05-12T10:06:34Z", "modified": "2026-05-15T10:14:27Z", "summary": "Red Hat Security Advisory: freerdp security update", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "affected": [ { "package": { "name": "freerdp", "ecosystem": "Red Hat:enterprise_linux:10.1", "purl": "pkg:rpm/redhat/freerdp" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:3.10.3-5.el10_1.8" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "freerdp-debuginfo", "ecosystem": "Red Hat:enterprise_linux:10.1", "purl": "pkg:rpm/redhat/freerdp-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:3.10.3-5.el10_1.8" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "freerdp-debugsource", "ecosystem": "Red Hat:enterprise_linux:10.1", "purl": "pkg:rpm/redhat/freerdp-debugsource" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:3.10.3-5.el10_1.8" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "freerdp-devel", "ecosystem": "Red Hat:enterprise_linux:10.1", "purl": "pkg:rpm/redhat/freerdp-devel" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:3.10.3-5.el10_1.8" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "freerdp-libs", "ecosystem": "Red Hat:enterprise_linux:10.1", "purl": "pkg:rpm/redhat/freerdp-libs" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:3.10.3-5.el10_1.8" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "freerdp-libs-debuginfo", "ecosystem": "Red Hat:enterprise_linux:10.1", "purl": "pkg:rpm/redhat/freerdp-libs-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:3.10.3-5.el10_1.8" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "freerdp-server", "ecosystem": "Red Hat:enterprise_linux:10.1", "purl": "pkg:rpm/redhat/freerdp-server" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:3.10.3-5.el10_1.8" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "freerdp-server-debuginfo", "ecosystem": "Red Hat:enterprise_linux:10.1", "purl": "pkg:rpm/redhat/freerdp-server-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:3.10.3-5.el10_1.8" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "libwinpr", "ecosystem": "Red Hat:enterprise_linux:10.1", "purl": "pkg:rpm/redhat/libwinpr" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:3.10.3-5.el10_1.8" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "libwinpr-debuginfo", "ecosystem": "Red Hat:enterprise_linux:10.1", "purl": "pkg:rpm/redhat/libwinpr-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:3.10.3-5.el10_1.8" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "libwinpr-devel", "ecosystem": "Red Hat:enterprise_linux:10.1", "purl": "pkg:rpm/redhat/libwinpr-devel" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:3.10.3-5.el10_1.8" } ], "type": "ECOSYSTEM" } ] } ], "references": [ { "type": "ADVISORY", "url": "https://access.redhat.com/errata/RHSA-2026:16014" }, { "type": "ARTICLE", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442764" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442768" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442782" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447379" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447383" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447385" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447386" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453217" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453218" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453226" }, { "type": "ADVISORY", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_16014.json" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-25952" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-25952" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25952" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/blob/5c7aae27d0417b42b4806c2a5c583ca39dd9ef1e/client/X11/xf_rail.c#L1167" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/blob/5c7aae27d0417b42b4806c2a5c583ca39dd9ef1e/client/X11/xf_rail.c#L1174" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/blob/5c7aae27d0417b42b4806c2a5c583ca39dd9ef1e/client/X11/xf_rail.c#L1178" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/blob/5c7aae27d0417b42b4806c2a5c583ca39dd9ef1e/client/X11/xf_rail.c#L1230-L1238" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/blob/5c7aae27d0417b42b4806c2a5c583ca39dd9ef1e/client/X11/xf_rail.c#L643" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/blob/5c7aae27d0417b42b4806c2a5c583ca39dd9ef1e/client/X11/xf_window.c#L1111" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/blob/5c7aae27d0417b42b4806c2a5c583ca39dd9ef1e/client/X11/xf_window.c#L1128" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/blob/5c7aae27d0417b42b4806c2a5c583ca39dd9ef1e/client/X11/xf_window.c#L1394" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/blob/5c7aae27d0417b42b4806c2a5c583ca39dd9ef1e/client/X11/xf_window.c#L1428" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/commit/1994e9844212a6dfe0ff12309fef520e888986b5" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-cgqm-cwjg-7w9x" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-25997" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-25997" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25997" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/blob/5c7aae27d0417b42b4806c2a5c583ca39dd9ef1e/client/X11/xf_cliprdr.c#L1884" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/blob/5c7aae27d0417b42b4806c2a5c583ca39dd9ef1e/client/X11/xf_cliprdr.c#L1889" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/blob/5c7aae27d0417b42b4806c2a5c583ca39dd9ef1e/client/X11/xf_cliprdr.c#L265" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/blob/5c7aae27d0417b42b4806c2a5c583ca39dd9ef1e/client/X11/xf_cliprdr.c#L616" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/blob/5c7aae27d0417b42b4806c2a5c583ca39dd9ef1e/client/X11/xf_cliprdr.c#L831" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/blob/5c7aae27d0417b42b4806c2a5c583ca39dd9ef1e/client/X11/xf_cliprdr.c#L851-L855" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/blob/5c7aae27d0417b42b4806c2a5c583ca39dd9ef1e/client/X11/xf_cliprdr.c#L868-L875" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/commit/58409406afe7c2a8a71ed2dc8e22075be4f41c0c" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5j3-m6jf-3jq4" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-26986" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-26986" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26986" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/blob/5c7aae27d0417b42b4806c2a5c583ca39dd9ef1e/client/X11/xf_rail.c#L1297" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/blob/5c7aae27d0417b42b4806c2a5c583ca39dd9ef1e/client/X11/xf_rail.c#L1316-L1327" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/blob/5c7aae27d0417b42b4806c2a5c583ca39dd9ef1e/client/X11/xf_rail.c#L386-L394" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/blob/5c7aae27d0417b42b4806c2a5c583ca39dd9ef1e/client/X11/xf_rail.c#L395-L399" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/blob/5c7aae27d0417b42b4806c2a5c583ca39dd9ef1e/client/X11/xf_rail.c#L401-L404" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/commit/b4f0f0a18fe53aa8d47d062f91471f4e9c5e0d51" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-crqx-g6x5-rx47" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-29775" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-29775" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29775" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/commit/ffad58fd2b329efd81a3239e9d7e3c927b8e503f" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-h666-rfw3-jhvj" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-31883" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-31883" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31883" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/commit/16df2300e1e3f5a51f68fb1626429e58b531b7c8" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-85x9-4xxp-xhm5" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-31884" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-31884" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31884" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/commit/03b48b3601d867afccac1cdc6081de7a275edce7" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-jp7m-94ww-p56r" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-31885" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-31885" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31885" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-h23r-3988-3wf3" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-33982" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-33982" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33982" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/commit/a48dbde2c8a5b8b70a9d1c045d969a71afd6284c" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8jm9-2925-g4v2" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-33985" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-33985" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33985" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/commit/c49d1ad43b8c7b32794d0250f2623c2dccd7ef25" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x6gr-8p7h-5h85" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-33987" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-33987" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33987" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/commit/1a890eb43492b5eb707cb3dd6fc908f696e8fc1c" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-ff8h-p5vc-wcwc" } ] }