CVE-2026-34352

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions TigerVNC versions prior to 1.16.2

Description The software contains a flaw in the Image.cxx file within the x0vncserver component. Incorrect permissions allow other users to potentially observe or manipulate the screen content, or cause the application to crash.

Recommendations Update TigerVNC to version 1.16.2 or later.

Fix

DoS

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

ALSA-2026:10739

ALSA-2026:13414

CVE-2026-34352

MGASA-2026-0088

OPENSUSE-SU-2026:10470-1

OPENSUSE-SU-2026:20465-1

RHSA-2026:10739

RHSA-2026:13414

RHSA-2026:19342

SUSE-SU-2026:1252-1

SUSE-SU-2026:1301-1

SUSE-SU-2026:1302-1

SUSE-SU-2026:1303-1

SUSE-SU-2026:1360-1

SUSE-SU-2026:21140-1

Affected Products

Rocky Linux

Tigervnc

CVE-2026-34352

Weakness Enumeration

Related Identifiers

Affected Products

References · 56