CVE-2026-34352

HIGH

TigerVNC <1.16.2 - Privilege Escalation

Title source: llm

Description

In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions.

References (5)

Core 5

Core References

https://www.openwall.com/lists/oss-security/2026/03/26/7

https://github.com/TigerVNC/tigervnc/commit/0b5cab169d847789efa54459a87659d3fd484393

View Patch ZIP pw:eip

https://groups.google.com/g/tigervnc-announce/c/anHL9WLshLI

https://github.com/TigerVNC/tigervnc/issues/2079

https://sourceforge.net/projects/tigervnc/files/stable/1.16.2

Scores

CVSS v3 8.5

EPSS 0.0025

EPSS Percentile 15.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-732

Status published

Products (2)

TigerVNC/TigerVNC < 1.16.2

tigervnc/tigervnc < 1.16.2

Published Mar 26, 2026

Tracked Since Mar 27, 2026