Vulnerability Description
In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions.
CVSS Score
8.5
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tigervnc | Tigervnc | < 1.16.2 |
Related Weaknesses (CWE)
References
- https://github.com/TigerVNC/tigervnc/commit/0b5cab169d847789efa54459a87659d3fd48Patch
- https://groups.google.com/g/tigervnc-announce/c/anHL9WLshLIMailing ListPatch
- https://sourceforge.net/projects/tigervnc/files/stable/1.16.2Release Notes
- https://www.openwall.com/lists/oss-security/2026/03/26/7Mailing ListThird Party Advisory
FAQ
What is CVE-2026-34352?
CVE-2026-34352 is a vulnerability with a CVSS score of 8.5 (HIGH). In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions.
How severe is CVE-2026-34352?
CVE-2026-34352 has been rated HIGH with a CVSS base score of 8.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-34352?
Check the references section above for vendor advisories and patch information. Affected products include: Tigervnc Tigervnc.