CVE-2026-34352

EUVD-2026-16468
In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.5 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L
mitreCNA
8.5 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
tigervnctigervnc
𝑥
< 1.16.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/TigerVNC/tigervnc/commit/0b5cab169d847789efa54459a87659d3fd484393
https://groups.google.com/g/tigervnc-announce/c/anHL9WLshLI
https://sourceforge.net/projects/tigervnc/files/stable/1.16.2
https://www.openwall.com/lists/oss-security/2026/03/26/7