What is the CVSS score of CVE-2026-22856?

CVE-2026-22856 has a CVSS 3.1 base score of 8.1 (High). CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of Freerdp are affected by CVE-2026-22856?

Organizations using FreeRDP face notable risk from CVE-2026-22856, a race condition vulnerability rated CVSS 8.1.. A patch is available.

Is there a public PoC exploit available for CVE-2026-22856?

Yes, a public proof-of-concept exploit is available for CVE-2026-22856. Prioritise patching immediately. EPSS: 0.1%.

Freerdp CVE-2026-22856

HIGH

Race Condition (CWE-362)

2026-01-14 security-advisories@github.com

Race Condition Red Hat Freerdp Suse

8.1

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Patch released

Apr 09, 2026 - 20:30 nvd

Patch available

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

PoC Detected

Jan 20, 2026 - 18:35 vuln.today

Public exploit code

CVE Published

Jan 14, 2026 - 18:16 nvd

HIGH 8.1

DescriptionNVD

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race in the serial channel IRP thread tracking allows a heap use‑after‑free when one thread removes an entry from serial->IrpThreads while another reads it. This vulnerability is fixed in 3.20.1.

AnalysisAI

Heap use-after-free in FreeRDP versions before 3.20.1 stems from unsynchronized access to serial channel thread tracking structures, allowing remote attackers to trigger memory corruption and achieve code execution. The vulnerability affects systems using vulnerable FreeRDP versions for remote desktop connections and has public exploit code available. …

RemediationAI

Within 7 days: Identify all affected systems and apply vendor patches promptly. Monitor vendor channels for patch availability.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory