CVE-2026-34352

HIGH

TigerVNC <1.16.2 - Privilege Escalation

Title source: llm

Description

In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions.

References (4)

https://www.openwall.com/lists/oss-security/2026/03/26/7

https://github.com/TigerVNC/tigervnc/commit/0b5cab169d847789efa54459a87659d3fd484393

View Patch ZIP pw:eip

https://sourceforge.net/projects/tigervnc/files/stable/1.16.2

https://groups.google.com/g/tigervnc-announce/c/anHL9WLshLI

Scores

CVSS v3 8.5

EPSS 0.0003

EPSS Percentile 8.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-732

Status published

Products (2)

TigerVNC/TigerVNC < 1.16.2

tigervnc/tigervnc < 1.16.2

Published Mar 26, 2026

Tracked Since Mar 27, 2026