CVE-2026-34352 | THREATINT

Description

In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions.

PUBLISHED Reserved 2026-03-26 | Published 2026-03-26 | Updated 2026-06-04 | Assigner mitre

HIGH: 8.5CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L

Problem types

CWE-732 Incorrect Permission Assignment for Critical Resource

Product status

Default status

unaffected

Any version before 1.16.2

affected

References

github.com/TigerVNC/tigervnc/issues/2079 exploit

www.openwall.com/lists/oss-security/2026/03/26/7

github.com/...ommit/0b5cab169d847789efa54459a87659d3fd484393

sourceforge.net/projects/tigervnc/files/stable/1.16.2

groups.google.com/g/tigervnc-announce/c/anHL9WLshLI

github.com/TigerVNC/tigervnc/issues/2079

cve.org (CVE-2026-34352)

nvd.nist.gov (CVE-2026-34352)

Download JSON