TigerVNC CVE-2026-34352

EUVD-2026-16468 | HIGH
Incorrect Permission Assignment for Critical Resource (CWE-732)
2026-03-26 · mitre · GHSA-4vj5-vh2w-8g5j
8.5 (CVSS 3.1 · NVD)
Severity by source

NVD (primary): 8.5 HIGH, AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L
SUSE: HIGH (qualitative)
Red Hat: 6.3 MEDIUM (qualitative)

Primary rating from NVD.

CVSS Vector (NVD)

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: Low
Availability: Low

Lifecycle Timeline (6 events)

  • Analysis Updated: Apr 16, 2026 - 06:13, EUVD-patch-fix (executive_summary)
  • Re-analysis Queued: Apr 16, 2026 - 05:29, backfill_euvd_patch (patch_released)
  • Patch available: Apr 16, 2026 - 05:29, EUVD (1.16.2)
  • EUVD ID Assigned: Mar 26, 2026 - 23:01, euvd (EUVD-2026-16468)
  • Analysis Generated: Mar 26, 2026 - 23:01, vuln.today
  • CVE Published: Mar 26, 2026 - 22:30, nvd (HIGH 8.5)

Description (CVE.org)

In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions.

Analysis (AI)

TigerVNC x0vncserver versions prior to 1.16.2 expose screen contents to unauthorized local users through incorrect file permissions in Image.cxx, enabling information disclosure, screen manipulation, or denial of service. The vulnerability has CVSS 8.5 (High) with local attack vector requiring no privileges or user interaction, and scope change indicating potential impact beyond the vulnerable component. …

Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access: Gain local system access
Exploit: Execute x0vncserver process
Execution: Access Image.cxx via incorrect permissions
Impact: Read/modify screen contents or crash application

Vulnerability Assessment (AI)

Exploitation: Local attacker with unprivileged user account access to a system running TigerVNC x0vncserver before version 1.16.2. …
Risk Assessment: The CVSS vector CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C indicates local attack vector with low complexity, no privileges required, no user interaction, and scope change, yielding an 8.5 score. …
Exploit Scenario: An unprivileged local user on a shared Linux server where x0vncserver is running for remote administration gains unauthorized access to screen buffers due to incorrect file permissions in Image.cxx. The attacker reads sensitive information displayed on the administrator's screen (credentials, confidential documents) or injects manipulated screen content to social engineer legitimate users. …
Remediation: Upgrade TigerVNC to version 1.16.2 or later, available at https://sourceforge.net/projects/tigervnc/files/stable/1.16.2 and announced via https://groups.google.com/g/tigervnc-announce/c/anHL9WLshLI. …

Recommended Action (AI)

Within 24 hours: Identify all systems running TigerVNC x0vncserver and document current versions. …

Vendor Status

SUSE

Severity: High
Product Status

Affected:
  • Container suse/sl-micro/6.0/base-os-container:latest
  • Container suse/sl-micro/6.1/base-os-container:2.2.1-5.112
  • Image SL-Micro
  • Image SL-Micro-Base
  • Image SL-Micro-Base-RT
  • Image SL-Micro-Base-RT-SelfInstall
  • Image SL-Micro-Base-RT-encrypted
  • Image SL-Micro-Base-SelfInstall
  • Image SL-Micro-Base-encrypted
  • Image SL-Micro-Base-qcow
  • Image SL-Micro-Default
  • Image SL-Micro-Default-SelfInstall
  • Image SL-Micro-Default-encrypted
  • Image SL-Micro-Default-qcow
  • Image SLE-Micro
  • Image SLE-Micro-Azure
  • Image SLE-Micro-BYOS
  • Image SLE-Micro-BYOS-Azure
  • Image SLE-Micro-BYOS-EC2
  • Image SLE-Micro-BYOS-GCE
  • Image SLE-Micro-EC2
  • Image SLE-Micro-GCE
  • Image SLES15-SP6-SAP-Azure-LI-BYOS
  • Image SLES15-SP6-SAP-Azure-LI-BYOS-Production
  • Image SLES15-SP6-SAP-Azure-VLI-BYOS
  • Image SLES15-SP6-SAP-Azure-VLI-BYOS-Production

Fixed:
  • SUSE Linux Enterprise Desktop 15 SP7
  • SUSE Linux Enterprise High Performance Computing 15 SP7
  • SUSE Linux Enterprise Server 15 SP7
  • SUSE Linux Enterprise Server for SAP Applications 15 SP7
  • SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
  • SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS