Home / Vulnerability Intelligence / CVE-2026-34352

CVE-2026-34352 - Vulnerability Analysis

HighCVSS: 8.5

Last Updated: March 26, 2026

TigerVNC - Broken Access Control

Published: March 26, 2026Updated: March 26, 2026

Overview

TigerVNC < 1.16.2 contains a broken access control caused by incorrect permissions in Image.cxx in x0vncserver, letting other users observe or manipulate screen contents or cause application crash, exploit requires local user access.

Severity & Score

Severity: High

CVSS Score: 8.5

EPSS Score: 1.0%(Probability of exploitation in next 30 days)

Impact

Other users can view or manipulate screen contents or crash the application, risking data exposure or denial of service.

Mitigation

Upgrade to version 1.16.2 or later.

References

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Mar 26, 2026

🟠 CVE-2026-34352 - High (8.5) In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions. 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-34352/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2026-34352
Severity: High
CVSS Score: 8.5
Type: broken_access_control
Status: new
EPSS: 1.0%
Social Posts: 1

CWE

CWE-732

CVSS Metrics

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L

EPSS Score

1.0%Probability of exploitation in the next 30 days