{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2026-34352", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "state": "PUBLISHED", "assignerShortName": "mitre", "dateReserved": "2026-03-26T22:30:46.508Z", "datePublished": "2026-03-26T22:30:46.928Z", "dateUpdated": "2026-03-27T13:53:48.564Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "TigerVNC", "vendor": "TigerVNC", "versions": [{"lessThan": "1.16.2", "status": "affected", "version": "0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "value": "In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-26T22:37:28.411Z"}, "references": [{"url": "https://www.openwall.com/lists/oss-security/2026/03/26/7"}, {"url": "https://github.com/TigerVNC/tigervnc/commit/0b5cab169d847789efa54459a87659d3fd484393"}, {"url": "https://sourceforge.net/projects/tigervnc/files/stable/1.16.2"}, {"url": "https://groups.google.com/g/tigervnc-announce/c/anHL9WLshLI"}], "x_generator": {"engine": "CVE-Request-form 0.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-27T13:28:49.782878Z", "id": "CVE-2026-34352", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-27T13:53:48.564Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-34352", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-27T13:28:49.782878Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-27T13:28:53.233Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.5, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "TigerVNC", "product": "TigerVNC", "versions": [{"status": "affected", "version": "0", "lessThan": "1.16.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.openwall.com/lists/oss-security/2026/03/26/7"}, {"url": "https://github.com/TigerVNC/tigervnc/commit/0b5cab169d847789efa54459a87659d3fd484393"}, {"url": "https://sourceforge.net/projects/tigervnc/files/stable/1.16.2"}, {"url": "https://groups.google.com/g/tigervnc-announce/c/anHL9WLshLI"}], "x_generator": {"engine": "CVE-Request-form 0.0.1"}, "descriptions": [{"lang": "en", "value": "In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-26T22:37:28.411Z"}}}, "cveMetadata": {"cveId": "CVE-2026-34352", "state": "PUBLISHED", "dateUpdated": "2026-03-27T13:53:48.564Z", "dateReserved": "2026-03-26T22:30:46.508Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-03-26T22:30:46.928Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tigervnc:tigervnc:*:*:*:*:*:*:*:*", "matchCriteriaId": "A1D26886-0F31-44FB-8112-F07B18A7ACDA", "versionEndExcluding": "1.16.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions."}, {"lang": "es", "value": "En TigerVNC anterior a 1.16.2, Image.cxx en x0vncserver permite a otros usuarios observar o manipular el contenido de la pantalla, o causar un fallo de la aplicaci\u00f3n, debido a permisos incorrectos."}], "id": "CVE-2026-34352", "lastModified": "2026-04-02T20:16:16.010", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.3, "source": "cve@mitre.org", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-03-26T23:16:20.903", "references": [{"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://github.com/TigerVNC/tigervnc/commit/0b5cab169d847789efa54459a87659d3fd484393"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Patch"], "url": "https://groups.google.com/g/tigervnc-announce/c/anHL9WLshLI"}, {"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "https://sourceforge.net/projects/tigervnc/files/stable/1.16.2"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://www.openwall.com/lists/oss-security/2026/03/26/7"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-732"}], "source": "cve@mitre.org", "type": "Primary"}]}

{"bugzilla": {"description": "TigerVNC: x0vncserver: TigerVNC x0vncserver: Information disclosure, data manipulation, and denial of service via incorrect permissions", "id": "2452022", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452022"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L", "status": "draft"}, "cwe": "CWE-279", "details": ["A flaw was found in TigerVNC's x0vncserver component. Due to incorrect permissions in the Image.cxx file, other users on the system can observe or manipulate the screen contents of a running session. This vulnerability could also lead to an application crash, resulting in a Denial of Service (DoS)."], "mitigation": {"lang": "en:us", "value": "The x0vncserver component should be disabled if not actively required. If x0vncserver is necessary, ensure that only trusted users have access to the system where it is running. To disable the x0vncserver service, if it is running as a systemd service, you can use: `sudo systemctl stop x0vncserver.service` `sudo systemctl disable x0vncserver.service` If x0vncserver is launched manually, avoid running it in multi-user environments. A service restart or system reboot may be required for changes to take full effect."}, "name": "CVE-2026-34352", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Fix deferred", "package_name": "tigervnc", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "tigervnc", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "tigervnc", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "tigervnc", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-03-26T22:30:46Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-34352\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-34352\nhttps://github.com/TigerVNC/tigervnc/commit/0b5cab169d847789efa54459a87659d3fd484393\nhttps://groups.google.com/g/tigervnc-announce/c/anHL9WLshLI\nhttps://sourceforge.net/projects/tigervnc/files/stable/1.16.2\nhttps://www.openwall.com/lists/oss-security/2026/03/26/7"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.16.2)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "TigerVNC", "source": "cna", "vendor": "TigerVNC"}, "product": "tigervnc", "vendor": "tigervnc"}], "analysis": {"en": {"generated_at": "2026-04-02T22:45:22.451668+00:00", "value": {"mitigation_remediation": ["Update TigerVNC to version 1.16.2 or later, which contains the fix for the permission issue.", "If an immediate update is not possible, restrict the execute permissions on the x0vncserver binary and any related files so that only trusted users or groups can access them.", "Ensure that users who should not use the VNC server are not members of the group that has permission to run the binary.", "Monitor system logs for anomalous VNC activity and consider disabling the x0vncserver feature if it is not required."], "summary": {"action": "Patch Now", "impact": "Information Disclosure and Denial of Service"}, "threat_synthesis": {"affected_systems": "The vulnerability affects TigerVNC, specifically versions earlier than 1.16.2. Users running any of those earlier releases on a multi\u2011user machine are at risk. Upgrading to 1.16.2 or later eliminates the issue.", "description_and_impact": "A flaw in TigerVNC\u2019s x0vncserver component, present before version 1.16.2, permits any other local user on the same system to view or alter the server\u2019s screen content and, in some cases, trigger a crash. This results in unauthorized data exposure, potential tampering with displayed information, and disruption of service. The underlying weakness stems from improper authorization and incorrect file permissions (CWE\u2011279 and CWE\u2011732).", "risk_and_exploitability": "The CVSS score of 8.5 indicates a high severity, but the EPSS score of less than 1% suggests that exploitation is unlikely to be widespread. The vulnerability is local; an attacker must be a separate user account on the same host and exploit the permissive executable permissions of x0vncserver. No remote exploitation vector is reported, and the flaw is not listed in the CISA KeV catalog, reducing the immediacy of known attacks but still requiring mitigation due to its high impact if a local attacker gains access."}}}}, "created": "2026-03-27T08:33:06.755366+00:00", "updated": "2026-04-03T09:38:46.088875+00:00", "vendors": ["tigervnc", "tigervnc$PRODUCT$tigervnc"]}