Every CVE whose affected-product data names Neutrinolabs Xrdp, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (27)
CVE-2013-1430 — CVSS 9.8 (critical): An issue was discovered in xrdp before 0.9.1. When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username…
CVE-2022-23493 — CVSS 9.1 (critical): xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp <…
CVE-2022-23477 — CVSS 9.1 (critical): xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp <…
CVE-2022-23478 — CVSS 9.1 (critical): xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp <…
CVE-2022-23479 — CVSS 9.1 (critical): xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp <…
CVE-2022-23480 — CVSS 9.1 (critical): xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp <…
CVE-2025-68670 — CVSS 9.1 (critical): xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue…
CVE-2026-33516 — CVSS 9.1 (critical): xrdp is an open source RDP server. Versions through 0.10.5 contain an out-of-bounds read vulnerability during the RDP capability exchange…
CVE-2026-33689 — CVSS 9.1 (critical): xrdp is an open source RDP server. Versions through 0.10.5 have an out-of-bounds read vulnerability in the pre-authentication RDP message…
CVE-2026-32107 — CVSS 8.8 (high): xrdp is an open source RDP server. In versions through 0.10.5, the session execution component did not properly handle an error during the…
CVE-2026-35512 — CVSS 8.8 (high): xrdp is an open source RDP server. Versions through 0.10.5 have a heap-based buffer overflow in the EGFX (graphics dynamic virtual channel)…
CVE-2017-16927 — CVSS 8.4 (high): The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the session manager in xrdp through 0.9.4 uses an untrusted integer as a write…
CVE-2022-23484 — CVSS 8.2 (high): xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp <…
CVE-2026-32623 — CVSS 8.1 (high): xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in the NeutrinoRDP module…
CVE-2022-23613 — CVSS 7.8 (high): xrdp is an open source remote desktop protocol (RDP) server. In affected versions an integer underflow leading to a heap overflow in the…
CVE-2026-32105 — CVSS 7.7 (high): xrdp is an open source RDP server. In versions through 0.10.5, xrdp does not implement verification for the Message Authentication Code…
CVE-2020-4044 — CVSS 7.5 (high): The xrdp-sesman service before version 0.9.13.1 can be crashed by connecting over port 3350 and supplying a malicious payload. Once the…
CVE-2022-23483 — CVSS 7.5 (high): xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp <…
CVE-2017-6967 — CVSS 7.3 (high): xrdp 0.9.1 calls the PAM function auth_start_session() in an incorrect location, leading to PAM session modules not being properly…
CVE-2024-39917 — CVSS 7.2 (high): xrdp is an open source RDP server. xrdp versions prior to 0.10.0 have a vulnerability that allows attackers to make an infinite number of…
CVE-2026-32624 — CVSS 6.5 (medium): xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in its logon processing. In…
CVE-2022-23468 — CVSS 6.5 (medium): xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp <…
CVE-2026-33145 — CVSS 6.3 (medium): xrdp is an open source RDP server. Versions through 0.10.5 allow an authenticated remote user to execute arbitrary commands on the server…
CVE-2023-42822 — CVSS 4.6 (medium): xrdp is an open source remote desktop protocol server. Access to the font glyphs in xrdp_painter.c is not bounds-checked . Since some of…
CVE-2023-40184 — CVSS 2.6 (low): xrdp is an open source remote desktop protocol (RDP) server. In versions prior to 0.9.23 improper handling of session establishment errors…
CVE-2022-23482 — CVSS 0.0 (none): xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp <…
CVE-2022-23481 — CVSS 0.0 (none): xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp <…