Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
| Vendor | Product | Versions |
|---|---|---|
| microsoft | remote desktop | 1.2.0.0, 10.0.14393.0, 10.0.17763.0, 10.0.19044.0, 10.0.19045.0, 10.0.22631.0, 10.0.22631.0, 10.0.26100.0, 10.0.26200.0, 10.0.28000.0, 1.00, 6.2.9200.0, 6.2.9200.0, 6.3.9600.0, 6.3.9600.0, 10.0.14393.0, 10.0.14393.0, 10.0.17763.0, 10.0.17763.0, 10.0.20348.0, 10.0.25398.0, 10.0.26100.0, 10.0.26100.0 |
Downstream vendors/products affected by this vulnerability
| Vendor | Product | Source | Confidence |
|---|---|---|---|
| microsoft | windows 11 version 22h3 | mitre_affected | 90% |
| microsoft | windows server 2012 r2 (server core installation) | mitre_affected | 90% |
| microsoft | windows 10 version 21h2 | mitre_affected | 90% |
| microsoft | windows server 2012 (server core installation) | mitre_affected | 90% |
| microsoft | windows | mitre_affected | 90% |
Updated severity to CRITICAL and added new CVE ID CVE-2026-32157.
Added a detailed description of the vulnerability and updated exploit availability to true.
Initial creation
