CVE-2025-68670: discovering an RCE vulnerability in xrdp

Kaspersky Securelist·19d·Reputable

During a security assessment of Kaspersky USB Redirector, we discovered CVE-2025-68670: a pre-auth RCE in the xrdp server component. Project maintainers promptly patched the vulnerability.

Categories cybersecurity · government-security · unknown-it-category-15

Original source / advisory ↗

Published

5/8/2026, 8:00:54 AM

Fetched

5/27/2026, 4:13:33 AM

Trust

reputable · 80/100

Language