Skip to main content

Tigervnc

9 CVEs product

Monthly

CVE-2026-34352 HIGH PATCH This Week

TigerVNC x0vncserver versions prior to 1.16.2 expose screen contents to unauthorized local users through incorrect file permissions in Image.cxx, enabling information disclosure, screen manipulation, or denial of service. The vulnerability has CVSS 8.5 (High) with local attack vector requiring no privileges or user interaction, and scope change indicating potential impact beyond the vulnerable component. No public exploit identified at time of analysis, though technical details are available via GitHub commit and mailing list disclosure.

Denial Of Service Tigervnc
NVD GitHub VulDB
CVSS 3.1
8.5
EPSS
0.0%
CVE-2025-26601 HIGH PATCH This Week

A use-after-free flaw was found in X.Org and Xwayland. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Use After Free Memory Corruption Enterprise Linux X Server +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-26600 HIGH PATCH This Week

A use-after-free flaw was found in X.Org and Xwayland. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Use After Free Memory Corruption Enterprise Linux X Server +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-26599 HIGH PATCH This Week

An access to an uninitialized pointer flaw was found in X.Org and Xwayland. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Memory Corruption Enterprise Linux X Server Xwayland +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-26598 HIGH PATCH This Week

An out-of-bounds write flaw was found in X.Org and Xwayland. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Enterprise Linux X Server Xwayland +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-26597 HIGH PATCH This Week

A buffer overflow flaw was found in X.Org and Xwayland. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Enterprise Linux X Server Xwayland Tigervnc
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-26596 HIGH PATCH This Week

A heap overflow flaw was found in X.Org and Xwayland. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Enterprise Linux X Server Xwayland +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-26595 HIGH PATCH This Week

A buffer overflow flaw was found in X.Org and Xwayland. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Enterprise Linux X Server Xwayland +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-26594 HIGH PATCH This Week

A use-after-free flaw was found in X.Org and Xwayland. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Use After Free Memory Corruption Enterprise Linux X Server +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
EPSS 0% CVSS 8.5
HIGH PATCH This Week

TigerVNC x0vncserver versions prior to 1.16.2 expose screen contents to unauthorized local users through incorrect file permissions in Image.cxx, enabling information disclosure, screen manipulation, or denial of service. The vulnerability has CVSS 8.5 (High) with local attack vector requiring no privileges or user interaction, and scope change indicating potential impact beyond the vulnerable component. No public exploit identified at time of analysis, though technical details are available via GitHub commit and mailing list disclosure.

Denial Of Service Tigervnc
NVD GitHub VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A use-after-free flaw was found in X.Org and Xwayland. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Use After Free Memory Corruption +4
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A use-after-free flaw was found in X.Org and Xwayland. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Use After Free Memory Corruption +4
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

An access to an uninitialized pointer flaw was found in X.Org and Xwayland. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Memory Corruption Enterprise Linux +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

An out-of-bounds write flaw was found in X.Org and Xwayland. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Enterprise Linux +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A buffer overflow flaw was found in X.Org and Xwayland. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Enterprise Linux X Server +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A heap overflow flaw was found in X.Org and Xwayland. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Enterprise Linux +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A buffer overflow flaw was found in X.Org and Xwayland. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Enterprise Linux +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A use-after-free flaw was found in X.Org and Xwayland. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Use After Free Memory Corruption +4
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy