← Back to CVEs
CVE-2026-32853
HIGH8.1
Description
LibVNCServer versions 0.9.15 and prior (fixed in commit 009008e) contain a heap out-of-bounds read vulnerability in the UltraZip encoding handler that allows a malicious VNC server to cause information disclosure or application crash. Attackers can exploit improper bounds checking in the HandleUltraZipBPP() function by manipulating subrectangle header counts to read beyond the allocated heap buffer.
CVE Details
CVSS v3.1 Score8.1
SeverityHIGH
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionREQUIRED
Published3/24/2026
Last Modified3/25/2026
Sourcenvd
Honeypot Sightings0
Affected Products
libvncserver_project:libvncserver
Weaknesses (CWE)
CWE-125
References
https://github.com/LibVNC/libvncserver/commit/009008e2f4d5a54dd71f422070df3af7b3dbc931(disclosure@vulncheck.com)
https://github.com/LibVNC/libvncserver/security/advisories/GHSA-87q7-v983-qwcj(disclosure@vulncheck.com)
https://www.vulncheck.com/advisories/libvncserver-ultrazip-encoding-heap-out-of-bounds-read(disclosure@vulncheck.com)
https://github.com/LibVNC/libvncserver/security/advisories/GHSA-87q7-v983-qwcj(134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.