Skip to main content

Mondoo

Vulnerability Management
Technology
Services

Solutions

Financial Services
Manufacturing
Healthcare

Resources

Blog
Vulnerability Database
Documentation
GitHub

Company

About
Careers
Partners
Contact

Legal

Privacy
Terms
Imprint

© 2026 Mondoo, Inc.

Log in Get Assessment

Vulnerability IntelligenceCVE-2026-34352

CVE-2026-34352

HIGH8.5

In TigerVNC before 1

Published Mar 26, 2026

Modified 3 weeks ago

Details

In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions.

References

https://github.com/TigerVNC/tigervnc/commit/0b5cab169d847789efa54459a87659d3fd484393

https://groups.google.com/g/tigervnc-announce/c/anHL9WLshLI

https://sourceforge.net/projects/tigervnc/files/stable/1.16.2

https://www.cve.org/CVERecord?id=CVE-2026-34352

https://www.openwall.com/lists/oss-security/2026/03/26/7

CVSS Analysis

CVSS v3.1

8.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

NonePR:N

User Interaction

NoneUI:N

Scope

Scope

ChangedS:C

Impact

Confidentiality

HighC:H

Integrity

LowI:L

Availability

LowA:L

8.5/CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L

Weakness Type (CWE)

Configuration

Incorrect Permission Assignment

Ecosystems

Timeline

PublishedMar 26, 2026

ModifiedMar 27, 2026

CVE-2026-34352 | Mondoo Vulnerability Intelligence