CVE-2026-32853 · HIGH 8.1 · EPSS p34.8%

CVE-2026-32853

Description

LibVNCServer versions 0.9.15 and prior (fixed in commit 009008e) contain a heap out-of-bounds read vulnerability in the UltraZip encoding handler that allows a malicious VNC server to cause information disclosure or application crash. Attackers can exploit improper bounds checking in the HandleUltraZipBPP() function by manipulating subrectangle header counts to read beyond the allocated heap buffer.

Scoring

CVSS 3.1: 8.1 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
EPSS: 0.44% probability of exploitation · percentile 34.8% · 2026-06-18T12:00:27Z
Published: 2026-03-24
Last modified: 2026-03-25

Underlying weaknesses · 1

CWE-125

References

  1. https://github.com/LibVNC/libvncserver/commit/009008e2f4d5a54dd71f422070df3af7b3dbc931
  2. https://github.com/LibVNC/libvncserver/security/advisories/GHSA-87q7-v983-qwcj
  3. https://www.vulncheck.com/advisories/libvncserver-ultrazip-encoding-heap-out-of-bounds-read


Type: Weakness
Target: Out-of-bounds Read (CWE-125)
Confidence: 0%
Tier: live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE: CVE-2026-44988
CVE: CVE-2026-4424
CVE: CVE-2026-34352
CVE: Linux Kernel Out-of-Bounds Write Vulnerability
CVE: CVE-2026-20884
CVE: CVE-2026-20889

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.