PT-2025-16172 · Unknown+2 · Jupyter-Remote-Desktop-Proxy+2

·

CVE-2025-32428

·

Published

2025-04-11

·

Updated

2026-06-29

CVSS v4.0

9.0

Critical

VectorAV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Name of the Vulnerable Software and Affected Versions jupyter-remote-desktop-proxy versions 3.0.0 through 3.0.0
Description The issue allows unauthorized network access to TigerVNC, risking system compromise, when jupyter-remote-desktop-proxy is used with TigerVNC. This vulnerability does not affect users having TurboVNC as the vncserver executable.
Recommendations Update to version 3.0.1 to address this security issue. As a temporary workaround, consider switching to TurboVNC to mitigate the risk of exploitation.

Exploit

Fix

Integer Overflow

Exposure of Resource to Wrong Sphere

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

BDU:2025-10399
CVE-2025-32428
GHSA-VRQ4-9HC3-CGP7
PYSEC-2026-365

Affected Products

Tigervnc
Turbovnc
Jupyter-Remote-Desktop-Proxy