High severity8.5NVD Advisory· Published Mar 26, 2026· Updated Apr 2, 2026

CVE-2026-34352

Description

In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions.

Affected products

Tigervnc/Tigervnc
cpe:2.3:a:tigervnc:tigervnc:*:*:*:*:*:*:*:*
Range: <1.16.2

Patches

0b5cab169d84

https://github.com/TigerVNC/tigervncvia nvd-ref

commit

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/TigerVNC/tigervnc/commit/0b5cab169d847789efa54459a87659d3fd484393nvdPatch
groups.google.com/g/tigervnc-announce/c/anHL9WLshLInvdMailing ListPatch
www.openwall.com/lists/oss-security/2026/03/26/7nvdMailing ListThird Party Advisory
sourceforge.net/projects/tigervnc/files/stable/1.16.2nvdRelease Notes

News mentions

No linked articles in our index yet.

cvss	0.552
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000