CVE-2026-34352

critical

Description

In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions.

References

https://www.openwall.com/lists/oss-security/2026/03/26/7

https://sourceforge.net/projects/tigervnc/files/stable/1.16.2

https://groups.google.com/g/tigervnc-announce/c/anHL9WLshLI

https://github.com/TigerVNC/tigervnc/commit/0b5cab169d847789efa54459a87659d3fd484393

Details

Source: Mitre, NVD

Published: 2026-03-26

Updated: 2026-04-02

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H