CVE-2026-32107

Source
https://cve.org/CVERecord?id=CVE-2026-32107
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-32107.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-32107
Aliases
  • GHSA-p5m6-7m43-pjv9
Downstream
Related
Published
2026-04-17T19:25:20.274Z
Modified
2026-07-15T01:49:13.457710367Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
Summary
xrdp: Fail-open privilege drop in sesexec — child processes may execute as root if setuid fails
Details

xrdp is an open source RDP server. In versions through 0.10.5, the session execution component did not properly handle an error during the privilege drop process. This improper privilege management could allow an authenticated local attacker to escalate privileges to root and execute arbitrary code on the system. An additional exploit would be needed to facilitate this. This issue has been fixed in version 0.10.6.

Database specific
{
    "cwe_ids": [
        "CWE-273"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/32xxx/CVE-2026-32107.json",
    "cna_assigner": "GitHub_M"
}
References

Affected packages

Git / github.com/neutrinolabs/xrdp

Affected ranges

Type
GIT
Repo
https://github.com/neutrinolabs/xrdp
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "cpe": "cpe:2.3:a:neutrinolabs:xrdp:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "0.10.6"
        }
    ],
    "source": [
        "AFFECTED_FIELD",
        "CPE_RANGE",
        "REFERENCES"
    ]
}

Affected versions

v0.*
v0.10.0
v0.10.0-beta.1
v0.10.0-beta.2
v0.10.0-beta.3
v0.10.1
v0.10.2
v0.10.2-rc.1
v0.10.3
v0.10.4
v0.10.4.1
v0.10.5
v0.9.10
v0.9.11
v0.9.12
v0.9.13
v0.9.14
v0.9.15
v0.9.16
v0.9.17
v0.9.18
v0.9.2
v0.9.3
v0.9.3.rc1
v0.9.4
v0.9.4.rc1
v0.9.5
v0.9.6
v0.9.7
v0.9.8
v0.9.9

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-32107.json"