CVE-2026-34352 HIGH

CVE-2026-34352

Vendor Tigervnc
Product TigerVNC
Weakness CWE-732
Published March 26, 2026
Last update June 4, 2026

CVSS base score

8.5/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L

What the vulnerability does

01Description

In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions.

Key dates

02Disclosure timeline

March 26, 2026 CVE published
June 4, 2026 Record updated