{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2026-34352", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "state": "PUBLISHED", "assignerShortName": "mitre", "dateReserved": "2026-03-26T22:30:46.508Z", "datePublished": "2026-03-26T22:30:46.928Z", "dateUpdated": "2026-03-27T13:53:48.564Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "TigerVNC", "vendor": "TigerVNC", "versions": [{"lessThan": "1.16.2", "status": "affected", "version": "0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "value": "In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-26T22:37:28.411Z"}, "references": [{"url": "https://www.openwall.com/lists/oss-security/2026/03/26/7"}, {"url": "https://github.com/TigerVNC/tigervnc/commit/0b5cab169d847789efa54459a87659d3fd484393"}, {"url": "https://sourceforge.net/projects/tigervnc/files/stable/1.16.2"}, {"url": "https://groups.google.com/g/tigervnc-announce/c/anHL9WLshLI"}], "x_generator": {"engine": "CVE-Request-form 0.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-27T13:28:49.782878Z", "id": "CVE-2026-34352", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-27T13:53:48.564Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2026-34352", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "state": "PUBLISHED", "assignerShortName": "mitre", "dateReserved": "2026-03-26T22:30:46.508Z", "datePublished": "2026-03-26T22:30:46.928Z", "dateUpdated": "2026-03-27T13:53:48.564Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "TigerVNC", "vendor": "TigerVNC", "versions": [{"lessThan": "1.16.2", "status": "affected", "version": "0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "value": "In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-26T22:37:28.411Z"}, "references": [{"url": "https://www.openwall.com/lists/oss-security/2026/03/26/7"}, {"url": "https://github.com/TigerVNC/tigervnc/commit/0b5cab169d847789efa54459a87659d3fd484393"}, {"url": "https://sourceforge.net/projects/tigervnc/files/stable/1.16.2"}, {"url": "https://groups.google.com/g/tigervnc-announce/c/anHL9WLshLI"}], "x_generator": {"engine": "CVE-Request-form 0.0.1"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-34352", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-27T13:28:49.782878Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-27T13:28:53.233Z"}}]}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions."}], "id": "CVE-2026-34352", "lastModified": "2026-03-26T23:16:20.903", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.3, "source": "cve@mitre.org", "type": "Secondary"}]}, "published": "2026-03-26T23:16:20.903", "references": [{"source": "cve@mitre.org", "url": "https://github.com/TigerVNC/tigervnc/commit/0b5cab169d847789efa54459a87659d3fd484393"}, {"source": "cve@mitre.org", "url": "https://groups.google.com/g/tigervnc-announce/c/anHL9WLshLI"}, {"source": "cve@mitre.org", "url": "https://sourceforge.net/projects/tigervnc/files/stable/1.16.2"}, {"source": "cve@mitre.org", "url": "https://www.openwall.com/lists/oss-security/2026/03/26/7"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-732"}], "source": "cve@mitre.org", "type": "Primary"}]}

{"bugzilla": {"description": "TigerVNC: x0vncserver: TigerVNC x0vncserver: Information disclosure, data manipulation, and denial of service via incorrect permissions", "id": "2452022", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452022"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L", "status": "draft"}, "cwe": "CWE-279", "details": ["A flaw was found in TigerVNC's x0vncserver component. Due to incorrect permissions in the Image.cxx file, other users on the system can observe or manipulate the screen contents of a running session. This vulnerability could also lead to an application crash, resulting in a Denial of Service (DoS)."], "mitigation": {"lang": "en:us", "value": "The x0vncserver component should be disabled if not actively required. If x0vncserver is necessary, ensure that only trusted users have access to the system where it is running. To disable the x0vncserver service, if it is running as a systemd service, you can use: `sudo systemctl stop x0vncserver.service` `sudo systemctl disable x0vncserver.service` If x0vncserver is launched manually, avoid running it in multi-user environments. A service restart or system reboot may be required for changes to take full effect."}, "name": "CVE-2026-34352", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Fix deferred", "package_name": "tigervnc", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "tigervnc", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "tigervnc", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "tigervnc", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-03-26T22:30:46Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-34352\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-34352\nhttps://github.com/TigerVNC/tigervnc/commit/0b5cab169d847789efa54459a87659d3fd484393\nhttps://groups.google.com/g/tigervnc-announce/c/anHL9WLshLI\nhttps://sourceforge.net/projects/tigervnc/files/stable/1.16.2\nhttps://www.openwall.com/lists/oss-security/2026/03/26/7"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.16.2)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "TigerVNC", "source": "cna", "vendor": "TigerVNC"}, "product": "tigervnc", "vendor": "tigervnc"}], "analysis": {"en": {"generated_at": "2026-03-27T06:37:57.011135+00:00", "value": {"mitigation_remediation": ["Upgrade TigerVNC to version 1.16.2 or later from the official repository or release page. ", "Verify that the installed binary reports the patched version and that the Image.cxx source reflects the security fix. ", "Restrict local access to the Xvnc service by ensuring only authorized users can run the server, for example by setting strict file permissions on the X server socket or by configuring the daemon to run under a dedicated account. "], "summary": {"action": "Immediate Patch", "impact": "Unauthorized screen content exposure and potential denial of service"}, "threat_synthesis": {"affected_systems": "The issue affects installations of TigerVNC version 1.16.1 and earlier. Users deploying these versions should verify their current release; upgrading to 1.16.2 or later eliminates the exposed permissions bug.", "description_and_impact": "A misconfigured permission in TigerVNC\u2019s Image.cxx within the x0vncserver module allows local users to view or manipulate the screen contents, or trigger a crash of the application. This vulnerability can lead to confidential information being disclosed or the remote desktop session being disrupted, thereby compromising the integrity and availability of the graphical environment.", "risk_and_exploitability": "The CVSS score of 8.5 indicates a high severity vulnerability. Although no EPSS value is supplied, the exploit requires only local access, meaning any user with the same host privileges could exploit it. The vulnerability is not listed in the CISA KEV catalogue, but its high impact and local nature warrant urgent attention. It is inferred that the attack vector is local via shared memory or file permissions."}}}}, "created": "2026-03-27T08:33:06.755366+00:00", "title": "Permission Misconfiguration Allows Unauthorized Access to Screen Content in TigerVNC", "updated": "2026-03-27T09:22:56.439996+00:00", "vendors": ["tigervnc", "tigervnc$PRODUCT$tigervnc"]}