UBUNTU-CVE-2026-32854

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2026-32854
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2026-32854
Upstream
  • CVE-2026-32854
Published
2026-03-24T18:16:00Z
Modified
2026-05-20T16:25:24.473415487Z
Severity
  • 6.3 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVSS Calculator
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
  • Ubuntu - medium
Summary
[none]
Details

LibVNCServer versions 0.9.15 and prior (fixed in commit dc78dee) contain null pointer dereference vulnerabilities in the HTTP proxy handlers within httpProcessInput() in httpd.c that allow remote attackers to cause a denial of service by sending specially crafted HTTP requests. Attackers can exploit missing validation of strchr() return values in the CONNECT and GET proxy handling paths to trigger null pointer dereferences and crash the server when httpd and proxy features are enabled.

References

Affected packages

Ubuntu:14.04:LTS
x11vnc

Package

Name
x11vnc
Purl
pkg:deb/ubuntu/x11vnc?arch=source&distro=trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.13-1.1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "x11vnc",
            "binary_version": "0.9.13-1.1"
        },
        {
            "binary_name": "x11vnc-data",
            "binary_version": "0.9.13-1.1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
Ubuntu:16.04:LTS
libvncserver

Package

Name
libvncserver
Purl
pkg:deb/ubuntu/libvncserver?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.10+dfsg-3
0.9.10+dfsg-3build1
0.9.10+dfsg-3ubuntu0.16.04.1
0.9.10+dfsg-3ubuntu0.16.04.2
0.9.10+dfsg-3ubuntu0.16.04.3
0.9.10+dfsg-3ubuntu0.16.04.4
0.9.10+dfsg-3ubuntu0.16.04.5
0.9.10+dfsg-3ubuntu0.16.04.6

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libvncclient1",
            "binary_version": "0.9.10+dfsg-3ubuntu0.16.04.6"
        },
        {
            "binary_name": "libvncserver-config",
            "binary_version": "0.9.10+dfsg-3ubuntu0.16.04.6"
        },
        {
            "binary_name": "libvncserver1",
            "binary_version": "0.9.10+dfsg-3ubuntu0.16.04.6"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
vino

Package

Name
vino
Purl
pkg:deb/ubuntu/vino?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.8.1-0ubuntu6
3.8.1-0ubuntu7
3.8.1-0ubuntu8
3.8.1-0ubuntu9
3.8.1-0ubuntu9.1
3.8.1-0ubuntu9.2
3.8.1-0ubuntu9.3
3.8.1-0ubuntu9.4

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "vino",
            "binary_version": "3.8.1-0ubuntu9.4"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
italc

Package

Name
italc
Purl
pkg:deb/ubuntu/italc?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1:2.*
1:2.0.2+dfsg1-3
1:2.0.2+dfsg1-4
1:2.0.2+dfsg1-4ubuntu0.1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "italc-client",
            "binary_version": "1:2.0.2+dfsg1-4ubuntu0.1"
        },
        {
            "binary_name": "italc-management-console",
            "binary_version": "1:2.0.2+dfsg1-4ubuntu0.1"
        },
        {
            "binary_name": "italc-master",
            "binary_version": "1:2.0.2+dfsg1-4ubuntu0.1"
        },
        {
            "binary_name": "libitalccore",
            "binary_version": "1:2.0.2+dfsg1-4ubuntu0.1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
tightvnc

Package

Name
tightvnc
Purl
pkg:deb/ubuntu/tightvnc?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.3.10-0ubuntu2
1.3.10-0ubuntu3

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tightvncserver",
            "binary_version": "1.3.10-0ubuntu3"
        },
        {
            "binary_name": "xtightvncviewer",
            "binary_version": "1.3.10-0ubuntu3"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
Ubuntu:18.04:LTS
libvncserver

Package

Name
libvncserver
Purl
pkg:deb/ubuntu/libvncserver?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.11+dfsg-1
0.9.11+dfsg-1ubuntu1
0.9.11+dfsg-1ubuntu1.1
0.9.11+dfsg-1ubuntu1.2
0.9.11+dfsg-1ubuntu1.3
0.9.11+dfsg-1ubuntu1.4

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libvncclient1",
            "binary_version": "0.9.11+dfsg-1ubuntu1.4"
        },
        {
            "binary_name": "libvncserver-config",
            "binary_version": "0.9.11+dfsg-1ubuntu1.4"
        },
        {
            "binary_name": "libvncserver1",
            "binary_version": "0.9.11+dfsg-1ubuntu1.4"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
vino

Package

Name
vino
Purl
pkg:deb/ubuntu/vino?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.8.1-0ubuntu12
3.22.0-2ubuntu1
3.22.0-3ubuntu1
3.22.0-3ubuntu1.1
3.22.0-3ubuntu1.2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "vino",
            "binary_version": "3.22.0-3ubuntu1.2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
italc

Package

Name
italc
Purl
pkg:deb/ubuntu/italc?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1:3.*
1:3.0.3+dfsg1-1
1:3.0.3+dfsg1-2
1:3.0.3+dfsg1-2build1
1:3.0.3+dfsg1-2ubuntu1
1:3.0.3+dfsg1-3
1:3.0.3+dfsg1-3ubuntu0.1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "italc-client",
            "binary_version": "1:3.0.3+dfsg1-3ubuntu0.1"
        },
        {
            "binary_name": "italc-management-console",
            "binary_version": "1:3.0.3+dfsg1-3ubuntu0.1"
        },
        {
            "binary_name": "italc-master",
            "binary_version": "1:3.0.3+dfsg1-3ubuntu0.1"
        },
        {
            "binary_name": "libitalccore",
            "binary_version": "1:3.0.3+dfsg1-3ubuntu0.1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
tightvnc

Package

Name
tightvnc
Purl
pkg:deb/ubuntu/tightvnc?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.3.10-0ubuntu3
1.3.10-0ubuntu4

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tightvncserver",
            "binary_version": "1.3.10-0ubuntu4"
        },
        {
            "binary_name": "xtightvncviewer",
            "binary_version": "1.3.10-0ubuntu4"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
Ubuntu:20.04:LTS
libvncserver

Package

Name
libvncserver
Purl
pkg:deb/ubuntu/libvncserver?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.11+dfsg-1.3
0.9.12+dfsg-3ubuntu3
0.9.12+dfsg-6
0.9.12+dfsg-7
0.9.12+dfsg-8
0.9.12+dfsg-9
0.9.12+dfsg-9ubuntu0.1
0.9.12+dfsg-9ubuntu0.2
0.9.12+dfsg-9ubuntu0.3

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libvncclient1",
            "binary_version": "0.9.12+dfsg-9ubuntu0.3"
        },
        {
            "binary_name": "libvncserver1",
            "binary_version": "0.9.12+dfsg-9ubuntu0.3"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
vino

Package

Name
vino
Purl
pkg:deb/ubuntu/vino?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.22.0-5ubuntu2
3.22.0-5ubuntu2.1
3.22.0-5ubuntu2.2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "vino",
            "binary_version": "3.22.0-5ubuntu2.2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
tightvnc

Package

Name
tightvnc
Purl
pkg:deb/ubuntu/tightvnc?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.3.10-0ubuntu5

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tightvncserver",
            "binary_version": "1.3.10-0ubuntu5"
        },
        {
            "binary_name": "xtightvncviewer",
            "binary_version": "1.3.10-0ubuntu5"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
veyon

Package

Name
veyon
Purl
pkg:deb/ubuntu/veyon?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*
4.2.4+repack1-2
4.2.5+repack1-1
4.3.1+repack1-1
4.3.1+repack1-2
4.3.1+repack1-2build1
4.3.1+repack1-2build2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libveyon-core",
            "binary_version": "4.3.1+repack1-2build2"
        },
        {
            "binary_name": "veyon-configurator",
            "binary_version": "4.3.1+repack1-2build2"
        },
        {
            "binary_name": "veyon-master",
            "binary_version": "4.3.1+repack1-2build2"
        },
        {
            "binary_name": "veyon-plugins",
            "binary_version": "4.3.1+repack1-2build2"
        },
        {
            "binary_name": "veyon-service",
            "binary_version": "4.3.1+repack1-2build2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
Ubuntu:22.04:LTS
libvncserver

Package

Name
libvncserver
Purl
pkg:deb/ubuntu/libvncserver?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.13+dfsg-3
0.9.13+dfsg-3build1
0.9.13+dfsg-3build2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libvncclient1",
            "binary_version": "0.9.13+dfsg-3build2"
        },
        {
            "binary_name": "libvncserver1",
            "binary_version": "0.9.13+dfsg-3build2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
tightvnc

Package

Name
tightvnc
Purl
pkg:deb/ubuntu/tightvnc?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1:1.*
1:1.3.10-3
1:1.3.10-5

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tightvncpasswd",
            "binary_version": "1:1.3.10-5"
        },
        {
            "binary_name": "tightvncserver",
            "binary_version": "1:1.3.10-5"
        },
        {
            "binary_name": "xtightvncviewer",
            "binary_version": "1:1.3.10-5"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
veyon

Package

Name
veyon
Purl
pkg:deb/ubuntu/veyon?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*
4.5.3+repack1-1build1
4.5.3+repack1-1build2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libveyon-core",
            "binary_version": "4.5.3+repack1-1build2"
        },
        {
            "binary_name": "veyon-configurator",
            "binary_version": "4.5.3+repack1-1build2"
        },
        {
            "binary_name": "veyon-master",
            "binary_version": "4.5.3+repack1-1build2"
        },
        {
            "binary_name": "veyon-plugins",
            "binary_version": "4.5.3+repack1-1build2"
        },
        {
            "binary_name": "veyon-service",
            "binary_version": "4.5.3+repack1-1build2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
vino

Package

Name
vino
Purl
pkg:deb/ubuntu/vino?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.22.0-6ubuntu3

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "vino",
            "binary_version": "3.22.0-6ubuntu3"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
x11vnc

Package

Name
x11vnc
Purl
pkg:deb/ubuntu/x11vnc?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.16-7
0.9.16-7build1
0.9.16-8

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "x11vnc",
            "binary_version": "0.9.16-8"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
Ubuntu:24.04:LTS
libvncserver

Package

Name
libvncserver
Purl
pkg:deb/ubuntu/libvncserver?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.14+dfsg-1
0.9.14+dfsg-1build1
0.9.14+dfsg-1build2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libvncclient1",
            "binary_version": "0.9.14+dfsg-1build2"
        },
        {
            "binary_name": "libvncserver1",
            "binary_version": "0.9.14+dfsg-1build2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
tightvnc

Package

Name
tightvnc
Purl
pkg:deb/ubuntu/tightvnc?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1:1.*
1:1.3.10-7
1:1.3.10-7build1
1:1.3.10-7build2
1:1.3.10-8

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tightvncpasswd",
            "binary_version": "1:1.3.10-8"
        },
        {
            "binary_name": "tightvncserver",
            "binary_version": "1:1.3.10-8"
        },
        {
            "binary_name": "xtightvncviewer",
            "binary_version": "1:1.3.10-8"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
veyon

Package

Name
veyon
Purl
pkg:deb/ubuntu/veyon?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*
4.7.5+repack1-1build2
4.7.5+repack1-1ubuntu1
4.7.5+repack1-1ubuntu3
4.7.5+repack1-1ubuntu4
4.7.5+repack1-1ubuntu5

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libveyon-core",
            "binary_version": "4.7.5+repack1-1ubuntu5"
        },
        {
            "binary_name": "veyon-configurator",
            "binary_version": "4.7.5+repack1-1ubuntu5"
        },
        {
            "binary_name": "veyon-master",
            "binary_version": "4.7.5+repack1-1ubuntu5"
        },
        {
            "binary_name": "veyon-plugins",
            "binary_version": "4.7.5+repack1-1ubuntu5"
        },
        {
            "binary_name": "veyon-service",
            "binary_version": "4.7.5+repack1-1ubuntu5"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
vino

Package

Name
vino
Purl
pkg:deb/ubuntu/vino?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.22.0-6ubuntu3
3.22.0-6ubuntu4
3.22.0-6ubuntu5

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "vino",
            "binary_version": "3.22.0-6ubuntu5"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
x11vnc

Package

Name
x11vnc
Purl
pkg:deb/ubuntu/x11vnc?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.16-9
0.9.16-9ubuntu1
0.9.16-10

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "x11vnc",
            "binary_version": "0.9.16-10"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
Ubuntu:25.10
libvncserver

Package

Name
libvncserver
Purl
pkg:deb/ubuntu/libvncserver?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.14+dfsg-1build2
0.9.15+dfsg-1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libvncclient1",
            "binary_version": "0.9.15+dfsg-1"
        },
        {
            "binary_name": "libvncserver1",
            "binary_version": "0.9.15+dfsg-1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
tightvnc

Package

Name
tightvnc
Purl
pkg:deb/ubuntu/tightvnc?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1:1.*
1:1.3.10-9
1:1.3.10-10

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tightvncpasswd",
            "binary_version": "1:1.3.10-10"
        },
        {
            "binary_name": "tightvncserver",
            "binary_version": "1:1.3.10-10"
        },
        {
            "binary_name": "xtightvncviewer",
            "binary_version": "1:1.3.10-10"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
veyon

Package

Name
veyon
Purl
pkg:deb/ubuntu/veyon?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*
4.7.5+repack1-1ubuntu6
4.7.5+repack1-1ubuntu7
4.9.7+repack1-1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libveyon-core",
            "binary_version": "4.9.7+repack1-1"
        },
        {
            "binary_name": "veyon-configurator",
            "binary_version": "4.9.7+repack1-1"
        },
        {
            "binary_name": "veyon-master",
            "binary_version": "4.9.7+repack1-1"
        },
        {
            "binary_name": "veyon-plugins",
            "binary_version": "4.9.7+repack1-1"
        },
        {
            "binary_name": "veyon-service",
            "binary_version": "4.9.7+repack1-1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
vino

Package

Name
vino
Purl
pkg:deb/ubuntu/vino?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.22.0-7ubuntu1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "vino",
            "binary_version": "3.22.0-7ubuntu1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
x11vnc

Package

Name
x11vnc
Purl
pkg:deb/ubuntu/x11vnc?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.16-10
0.9.17-1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "x11vnc",
            "binary_version": "0.9.17-1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
Ubuntu:26.04:LTS
libvncserver

Package

Name
libvncserver
Purl
pkg:deb/ubuntu/libvncserver?arch=source&distro=resolute

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.15+dfsg-1
0.9.15+dfsg-2
0.9.15+dfsg-3

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libvncclient1",
            "binary_version": "0.9.15+dfsg-3"
        },
        {
            "binary_name": "libvncserver1",
            "binary_version": "0.9.15+dfsg-3"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
tightvnc

Package

Name
tightvnc
Purl
pkg:deb/ubuntu/tightvnc?arch=source&distro=resolute

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1:1.*
1:1.3.10-10
1:1.3.10-10build1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tightvncpasswd",
            "binary_version": "1:1.3.10-10build1"
        },
        {
            "binary_name": "tightvncserver",
            "binary_version": "1:1.3.10-10build1"
        },
        {
            "binary_name": "xtightvncviewer",
            "binary_version": "1:1.3.10-10build1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
veyon

Package

Name
veyon
Purl
pkg:deb/ubuntu/veyon?arch=source&distro=resolute

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*
4.9.7+repack1-1
4.9.7+repack1-1build1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libveyon-core",
            "binary_version": "4.9.7+repack1-1build1"
        },
        {
            "binary_name": "veyon-configurator",
            "binary_version": "4.9.7+repack1-1build1"
        },
        {
            "binary_name": "veyon-master",
            "binary_version": "4.9.7+repack1-1build1"
        },
        {
            "binary_name": "veyon-plugins",
            "binary_version": "4.9.7+repack1-1build1"
        },
        {
            "binary_name": "veyon-service",
            "binary_version": "4.9.7+repack1-1build1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
x11vnc

Package

Name
x11vnc
Purl
pkg:deb/ubuntu/x11vnc?arch=source&distro=resolute

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.17-1
0.9.17-2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "x11vnc",
            "binary_version": "0.9.17-2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
Ubuntu:Pro:14.04:LTS
tightvnc

Package

Name
tightvnc
Purl
pkg:deb/ubuntu/tightvnc?arch=source&distro=esm-infra-legacy%2Ftrusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.3.9-6.4
1.3.9-6.4ubuntu1
1.3.9-6.5+deb8u1build0.14.04.1~esm1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tightvncserver",
            "binary_version": "1.3.9-6.5+deb8u1build0.14.04.1~esm1"
        },
        {
            "binary_name": "xtightvncviewer",
            "binary_version": "1.3.9-6.5+deb8u1build0.14.04.1~esm1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
Ubuntu:Pro:16.04:LTS
x11vnc

Package

Name
x11vnc
Purl
pkg:deb/ubuntu/x11vnc?arch=source&distro=esm-apps%2Fxenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.13-1.2build1
0.9.13-1.2ubuntu0.1~esm1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "x11vnc",
            "binary_version": "0.9.13-1.2ubuntu0.1~esm1"
        },
        {
            "binary_name": "x11vnc-data",
            "binary_version": "0.9.13-1.2ubuntu0.1~esm1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
Ubuntu:Pro:18.04:LTS
x11vnc

Package

Name
x11vnc
Purl
pkg:deb/ubuntu/x11vnc?arch=source&distro=esm-apps%2Fbionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.13-2
0.9.13-2build1
0.9.13-3
0.9.13-3ubuntu0.1~esm1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "x11vnc",
            "binary_version": "0.9.13-3ubuntu0.1~esm1"
        },
        {
            "binary_name": "x11vnc-data",
            "binary_version": "0.9.13-3ubuntu0.1~esm1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"
Ubuntu:Pro:20.04:LTS
x11vnc

Package

Name
x11vnc
Purl
pkg:deb/ubuntu/x11vnc?arch=source&distro=esm-apps%2Ffocal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.13-6
0.9.16-3
0.9.16-3ubuntu0.1~esm1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "x11vnc",
            "binary_version": "0.9.16-3ubuntu0.1~esm1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-32854.json"