Skip to main content

Deskflow EUVDEUVD-2026-25622

| CVE-2026-41476 HIGH
Classic Buffer Overflow (CWE-120)
2026-04-24 GitHub_M
7.4
CVSS 4.0 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
7.4 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
SUSE
HIGH
qualitative

Primary rating from GitHub Advisory.

CVSS VectorGitHub Advisory

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

8
Patch released
Apr 28, 2026 - 15:47 nvd
Patch available
Re-analysis Queued
Apr 24, 2026 - 21:22 vuln.today
cvss_changed
Patch available
Apr 24, 2026 - 21:02 EUVD
Analysis Generated
Apr 24, 2026 - 20:30 vuln.today
CVSS changed
Apr 24, 2026 - 20:22 NVD
7.4 (HIGH)
EUVD ID Assigned
Apr 24, 2026 - 20:15 euvd
EUVD-2026-25622
Analysis Generated
Apr 24, 2026 - 20:15 vuln.today
CVE Published
Apr 24, 2026 - 19:47 nvd
HIGH 7.4

DescriptionGitHub Advisory

Deskflow is a keyboard and mouse sharing app. Prior to 1.26.0.138, a remote memory-safety vulnerability in Deskflow's clipboard deserialization allows a connected peer to trigger an out-of-bounds read by sending a malformed clipboard update. The issue is in the implementation of src/lib/deskflow/IClipboard.cpp. This is reachable because ClipboardChunk::assemble() in src/lib/deskflow/ClipboardChunk.cpp validates only the outer clipboard transfer size. It does not validate the internal structure of the serialized clipboard blob, so malformed inner lengths reach IClipboard::unmarshall() unchanged. This vulnerability is fixed in 1.26.0.138.

AnalysisAI

Out-of-bounds memory read in Deskflow's clipboard deserialization allows authenticated remote peers to crash the application or potentially leak memory contents. The vulnerability affects versions prior to 1.26.0.138 and stems from insufficient validation of clipboard data structure during network transfer between connected machines. A malicious peer on the shared keyboard/mouse network can exploit this by sending specially crafted clipboard updates. CVSS 7.4 reflects network-based attack with low complexity requiring authenticated peer connection. No public exploit identified at time of analysis, though proof-of-concept code exists (CVSS E:P).

Technical ContextAI

Deskflow is a keyboard, mouse, and clipboard sharing application that allows multiple computers to be controlled from a single keyboard/mouse. The vulnerability resides in the clipboard synchronization protocol implementation within src/lib/deskflow/IClipboard.cpp. When clipboard data is transmitted between peers, ClipboardChunk::assemble() validates only the outer transfer envelope size but fails to verify the internal structure of the serialized clipboard blob. This allows malformed length fields in the inner data structure to bypass validation checks and reach IClipboard::unmarshall() unchanged, triggering an out-of-bounds read (CWE-120: Buffer Copy without Checking Size of Input). This is a classic deserialization vulnerability where untrusted network data is processed without adequate boundary validation, similar to issues seen in other peer-to-peer synchronization protocols.

RemediationAI

Upgrade to Deskflow version 1.26.0.138 or later, which contains the fix for improper clipboard deserialization validation. The patched version adds proper bounds checking to IClipboard::unmarshall() to validate internal structure fields before processing. Download the updated release from the official Deskflow repository or distribution channel. If immediate patching is not feasible, disable clipboard sharing functionality in Deskflow configuration settings to eliminate the attack surface, though this removes a core feature. Alternatively, restrict Deskflow peer connections to only verified, fully trusted machines on isolated network segments, and monitor for abnormal clipboard transfer activity or application crashes. Organizations should review the vendor advisory at https://github.com/deskflow/deskflow/security/advisories/GHSA-3jp5-g964-cgmh for additional implementation details.

Vendor StatusVendor

SUSE

Severity: High

Share

EUVD-2026-25622 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy