CVE-2026-32853

Source
https://cve.org/CVERecord?id=CVE-2026-32853
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-32853.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-32853
Aliases
  • GHSA-87q7-v983-qwcj
Downstream
Related
Published
2026-03-24T17:30:40.061Z
Modified
2026-07-08T08:12:48.441241602Z
Severity
  • 6.9 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N CVSS Calculator
Summary
LibVNCServer UltraZip Encoding Heap Out-of-bounds Read
Details

LibVNCServer versions 0.9.15 and prior (fixed in commit 009008e) contain a heap out-of-bounds read vulnerability in the UltraZip encoding handler that allows a malicious VNC server to cause information disclosure or application crash. Attackers can exploit improper bounds checking in the HandleUltraZipBPP() function by manipulating subrectangle header counts to read beyond the allocated heap buffer.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/32xxx/CVE-2026-32853.json",
    "cwe_ids": [
        "CWE-125"
    ],
    "cna_assigner": "VulnCheck"
}
References

Affected packages

Git / github.com/libvnc/libvncserver

Affected ranges

Type
GIT
Repo
https://github.com/libvnc/libvncserver
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed
Database specific
{
    "source": [
        "CPE_RANGE",
        "REFERENCES"
    ],
    "cpe": "cpe:2.3:a:libvncserver_project:libvncserver:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "0.9.15"
        }
    ]
}

Affected versions

LibVNCServer-0.*
LibVNCServer-0.9.10
LibVNCServer-0.9.11
LibVNCServer-0.9.12
LibVNCServer-0.9.13
LibVNCServer-0.9.14
LibVNCServer-0.9.15
LibVNCServer-0.9.8
LibVNCServer-0.9.9
Other
X11VNC_0_9_10
X11VNC_0_9_11
X11VNC_0_9_12
X11VNC_0_9_7
X11VNC_0_9_8
X11VNC_0_9_9
X11VNC_REL_0_9_4
X11VNC_REL_0_9_5
X11VNC_REL_0_9_6

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-32853.json"