Which versions of UltraVNC are affected by CVE-2026-4962?

UltraVNC Service component versions up to 1.6.4.0 contain a local privilege escalation vulnerability that allows low-privileged users to execute code with system-level permissions through DLL…

Is there a public PoC exploit available for CVE-2026-4962?

Yes, a public proof-of-concept exploit is available for CVE-2026-4962. Prioritise patching immediately. EPSS: 0.0%.

UltraVNC CVE-2026-4962

Q: What is the CVSS score of CVE-2026-4962?

CVE-2026-4962 has a CVSS 4.0 base score of 6.4 (Medium). CVSS vector: CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-16725 MEDIUM

Uncontrolled Search Path Element (CWE-427)

2026-03-27 VulDB

GHSA-x2c8-7fp3-5gg6

Information Disclosure

6.4

CVSS 4.0

CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Lifecycle Timeline

Severity Changed

Apr 29, 2026 - 01:11 NVD

HIGH MEDIUM

CVSS changed

Apr 29, 2026 - 01:11 NVD

7.3 (HIGH) 6.4 (MEDIUM)

PoC Detected

Mar 30, 2026 - 13:26 vuln.today

Public exploit code

EUVD ID Assigned

Mar 27, 2026 - 17:15 euvd

EUVD-2026-16725

Analysis Generated

Mar 27, 2026 - 17:15 vuln.today

CVE Published

Mar 27, 2026 - 17:05 nvd

HIGH 7.3

DescriptionNVD

A security flaw has been discovered in UltraVNC up to 1.6.4.0. Affected by this issue is some unknown functionality in the library version.dll of the component Service. The manipulation results in uncontrolled search path. The attack needs to be approached locally. This attack is characterized by high complexity. The exploitation is known to be difficult. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

AnalysisAI

UltraVNC versions up to 1.6.4.0 suffer from an uncontrolled search path vulnerability in version.dll loaded by the Service component, enabling local attackers with low privileges to achieve code execution with elevated privileges through DLL hijacking. Publicly available exploit code exists (Google Drive link in references), and the vendor has not responded to disclosure attempts. …

RemediationAI

Within 24 hours: Inventory all systems running UltraVNC and identify instances at versions 1.6.4.0 or earlier; prioritize systems in sensitive environments (administrative workstations, servers). Within 7 days: Upgrade UltraVNC to version 1.6.5.0 or later if available from vendor, or disable the UltraVNC Service component if upgrade is not feasible. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-4962 vulnerability details – vuln.today

Back

UltraVNC CVE-2026-4962

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

Share

UltraVNC CVE-2026-4962

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code