By weakness (CWE)
CWE-131: related vulnerabilities
CVEs classified under CWE-131. Understanding the weakness class helps prioritize systemic fixes over one-off patches.
2 published vulnerabilities
- CVE-2026-44420HIGH 8.8
FreeRDP, a widely-used open-source Remote Desktop Protocol implementation, contains a flaw in its clipboard handling that allows an authenticated attacker to crash the RDP server or potentially execute arbitrary code. A malicious RDP client can send a specially crafted clipboard message with an invalid size parameter, causing the server to write past the bounds of allocated memory. This affects FreeRDP versions prior to 3.26.0. The vulnerability requires valid RDP credentials to exploit, limiting the attack surface to authenticated threat actors.
- CVE-2026-10701HIGH 7.5
Firefox's text rendering engine contains a flaw in how it validates memory boundaries when processing text data. An attacker on the network can exploit this without requiring user interaction or special permissions, allowing them to read sensitive information from the browser's memory. The vulnerability affects Firefox versions prior to 151.0.3.