Fluid Attacks Database

Description

In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
rpm rhel6	tigervnc	-	-
rpm rhel9	tigervnc	<0:1.15.0-7.el9_8.1	0:1.15.0-7.el9_8.1
rpm rhel8	tigervnc	<0:1.15.0-9.el8_10	0:1.15.0-9.el8_10
debian 11	tigervnc	=1.11.0+dfsg-2 \|\| =1.11.0+dfsg-2+deb11u1 \|\| =1.11.0+dfsg-3 \|\| =1.12.0+dfsg-1 \|\| =1.12.0+dfsg-2 \|\| =1.12.0+dfsg-3 \|\| =1.12.0+dfsg-4 \|\| =1.12.0+dfsg-5 \|\| =1.12.0+dfsg-6 \|\| =1.12.0+dfsg-7 \|\| =1.12.0+dfsg-8 \|\| =1.13.1+dfsg-1 \|\| =1.13.1+dfsg-2 \|\| =1.13.1+dfsg-3 \|\| =1.14.1+dfsg-1 \|\| =1.15.0+dfsg-1 \|\| =1.15.0+dfsg-2	-
debian 14	tigervnc	=1.15.0+dfsg-2	-
debian 13	tigervnc	=1.15.0+dfsg-2	-
debian 12	tigervnc	=1.12.0+dfsg-8 \|\| =1.13.1+dfsg-1 \|\| =1.13.1+dfsg-2 \|\| =1.13.1+dfsg-3 \|\| =1.14.1+dfsg-1 \|\| =1.15.0+dfsg-1 \|\| =1.15.0+dfsg-2	-
rpm rhel7	tigervnc	-	-
rpm rhel9.4	tigervnc	<0:1.13.1-8.el9_4.9	0:1.13.1-8.el9_4.9
rpm rhel9.6	tigervnc	<0:1.14.1-10.el9_6	0:1.14.1-10.el9_6

1-10 of 11

Aliases

1. CVE-2026-343522. NVD-2026-343523. OSV-2026-343524. OSV-DEBIAN-2026-343525. SECURITY-TRACKER-CVE-2026-34352

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.