UBUNTU-CVE-2026-44988

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2026-44988
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2026-44988
Upstream
  • CVE-2026-44988
Published
2026-05-27T15:16:00Z
Modified
2026-06-03T11:25:22Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
  • Ubuntu - medium
Summary
[none]
Details

LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter, but it does not reject Tight rectangles whose width is larger than 2048 pixels. A malicious VNC server can send a crafted FramebufferUpdate rectangle using Tight encoding with NoZlib | ExplicitFilter and the Gradient filter. When a LibVNCClient-based client connects, the client processes the server-controlled rectangle width and writes beyond fixed-size Gradient buffers. This vulnerability is fixed with commit 5b270544b85233668b98161323297d418a8f5fd1.

References

Affected packages

Ubuntu:14.04:LTS
x11vnc

Package

Name
x11vnc
Purl
pkg:deb/ubuntu/x11vnc?arch=source&distro=trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.13-1.1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "x11vnc",
            "binary_version": "0.9.13-1.1"
        },
        {
            "binary_name": "x11vnc-data",
            "binary_version": "0.9.13-1.1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
Ubuntu:16.04:LTS
libvncserver

Package

Name
libvncserver
Purl
pkg:deb/ubuntu/libvncserver?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.10+dfsg-3
0.9.10+dfsg-3build1
0.9.10+dfsg-3ubuntu0.16.04.1
0.9.10+dfsg-3ubuntu0.16.04.2
0.9.10+dfsg-3ubuntu0.16.04.3
0.9.10+dfsg-3ubuntu0.16.04.4
0.9.10+dfsg-3ubuntu0.16.04.5
0.9.10+dfsg-3ubuntu0.16.04.6

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libvncclient1",
            "binary_version": "0.9.10+dfsg-3ubuntu0.16.04.6"
        },
        {
            "binary_name": "libvncserver-config",
            "binary_version": "0.9.10+dfsg-3ubuntu0.16.04.6"
        },
        {
            "binary_name": "libvncserver1",
            "binary_version": "0.9.10+dfsg-3ubuntu0.16.04.6"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
vino

Package

Name
vino
Purl
pkg:deb/ubuntu/vino?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.8.1-0ubuntu6
3.8.1-0ubuntu7
3.8.1-0ubuntu8
3.8.1-0ubuntu9
3.8.1-0ubuntu9.1
3.8.1-0ubuntu9.2
3.8.1-0ubuntu9.3
3.8.1-0ubuntu9.4

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "vino",
            "binary_version": "3.8.1-0ubuntu9.4"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
italc

Package

Name
italc
Purl
pkg:deb/ubuntu/italc?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1:2.*
1:2.0.2+dfsg1-3
1:2.0.2+dfsg1-4
1:2.0.2+dfsg1-4ubuntu0.1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "italc-client",
            "binary_version": "1:2.0.2+dfsg1-4ubuntu0.1"
        },
        {
            "binary_name": "italc-management-console",
            "binary_version": "1:2.0.2+dfsg1-4ubuntu0.1"
        },
        {
            "binary_name": "italc-master",
            "binary_version": "1:2.0.2+dfsg1-4ubuntu0.1"
        },
        {
            "binary_name": "libitalccore",
            "binary_version": "1:2.0.2+dfsg1-4ubuntu0.1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
tightvnc

Package

Name
tightvnc
Purl
pkg:deb/ubuntu/tightvnc?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.3.10-0ubuntu2
1.3.10-0ubuntu3

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tightvncserver",
            "binary_version": "1.3.10-0ubuntu3"
        },
        {
            "binary_name": "xtightvncviewer",
            "binary_version": "1.3.10-0ubuntu3"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
Ubuntu:18.04:LTS
libvncserver

Package

Name
libvncserver
Purl
pkg:deb/ubuntu/libvncserver?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.11+dfsg-1
0.9.11+dfsg-1ubuntu1
0.9.11+dfsg-1ubuntu1.1
0.9.11+dfsg-1ubuntu1.2
0.9.11+dfsg-1ubuntu1.3
0.9.11+dfsg-1ubuntu1.4

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libvncclient1",
            "binary_version": "0.9.11+dfsg-1ubuntu1.4"
        },
        {
            "binary_name": "libvncserver-config",
            "binary_version": "0.9.11+dfsg-1ubuntu1.4"
        },
        {
            "binary_name": "libvncserver1",
            "binary_version": "0.9.11+dfsg-1ubuntu1.4"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
vino

Package

Name
vino
Purl
pkg:deb/ubuntu/vino?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.8.1-0ubuntu12
3.22.0-2ubuntu1
3.22.0-3ubuntu1
3.22.0-3ubuntu1.1
3.22.0-3ubuntu1.2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "vino",
            "binary_version": "3.22.0-3ubuntu1.2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
italc

Package

Name
italc
Purl
pkg:deb/ubuntu/italc?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1:3.*
1:3.0.3+dfsg1-1
1:3.0.3+dfsg1-2
1:3.0.3+dfsg1-2build1
1:3.0.3+dfsg1-2ubuntu1
1:3.0.3+dfsg1-3
1:3.0.3+dfsg1-3ubuntu0.1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "italc-client",
            "binary_version": "1:3.0.3+dfsg1-3ubuntu0.1"
        },
        {
            "binary_name": "italc-management-console",
            "binary_version": "1:3.0.3+dfsg1-3ubuntu0.1"
        },
        {
            "binary_name": "italc-master",
            "binary_version": "1:3.0.3+dfsg1-3ubuntu0.1"
        },
        {
            "binary_name": "libitalccore",
            "binary_version": "1:3.0.3+dfsg1-3ubuntu0.1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
tightvnc

Package

Name
tightvnc
Purl
pkg:deb/ubuntu/tightvnc?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.3.10-0ubuntu3
1.3.10-0ubuntu4

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tightvncserver",
            "binary_version": "1.3.10-0ubuntu4"
        },
        {
            "binary_name": "xtightvncviewer",
            "binary_version": "1.3.10-0ubuntu4"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
Ubuntu:20.04:LTS
libvncserver

Package

Name
libvncserver
Purl
pkg:deb/ubuntu/libvncserver?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.11+dfsg-1.3
0.9.12+dfsg-3ubuntu3
0.9.12+dfsg-6
0.9.12+dfsg-7
0.9.12+dfsg-8
0.9.12+dfsg-9
0.9.12+dfsg-9ubuntu0.1
0.9.12+dfsg-9ubuntu0.2
0.9.12+dfsg-9ubuntu0.3

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libvncclient1",
            "binary_version": "0.9.12+dfsg-9ubuntu0.3"
        },
        {
            "binary_name": "libvncserver1",
            "binary_version": "0.9.12+dfsg-9ubuntu0.3"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
vino

Package

Name
vino
Purl
pkg:deb/ubuntu/vino?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.22.0-5ubuntu2
3.22.0-5ubuntu2.1
3.22.0-5ubuntu2.2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "vino",
            "binary_version": "3.22.0-5ubuntu2.2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
tightvnc

Package

Name
tightvnc
Purl
pkg:deb/ubuntu/tightvnc?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.3.10-0ubuntu5

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tightvncserver",
            "binary_version": "1.3.10-0ubuntu5"
        },
        {
            "binary_name": "xtightvncviewer",
            "binary_version": "1.3.10-0ubuntu5"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
veyon

Package

Name
veyon
Purl
pkg:deb/ubuntu/veyon?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*
4.2.4+repack1-2
4.2.5+repack1-1
4.3.1+repack1-1
4.3.1+repack1-2
4.3.1+repack1-2build1
4.3.1+repack1-2build2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libveyon-core",
            "binary_version": "4.3.1+repack1-2build2"
        },
        {
            "binary_name": "veyon-configurator",
            "binary_version": "4.3.1+repack1-2build2"
        },
        {
            "binary_name": "veyon-master",
            "binary_version": "4.3.1+repack1-2build2"
        },
        {
            "binary_name": "veyon-plugins",
            "binary_version": "4.3.1+repack1-2build2"
        },
        {
            "binary_name": "veyon-service",
            "binary_version": "4.3.1+repack1-2build2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
Ubuntu:22.04:LTS
libvncserver

Package

Name
libvncserver
Purl
pkg:deb/ubuntu/libvncserver?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.13+dfsg-3
0.9.13+dfsg-3build1
0.9.13+dfsg-3build2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libvncclient1",
            "binary_version": "0.9.13+dfsg-3build2"
        },
        {
            "binary_name": "libvncserver1",
            "binary_version": "0.9.13+dfsg-3build2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
tightvnc

Package

Name
tightvnc
Purl
pkg:deb/ubuntu/tightvnc?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1:1.*
1:1.3.10-3
1:1.3.10-5

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tightvncpasswd",
            "binary_version": "1:1.3.10-5"
        },
        {
            "binary_name": "tightvncserver",
            "binary_version": "1:1.3.10-5"
        },
        {
            "binary_name": "xtightvncviewer",
            "binary_version": "1:1.3.10-5"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
veyon

Package

Name
veyon
Purl
pkg:deb/ubuntu/veyon?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*
4.5.3+repack1-1build1
4.5.3+repack1-1build2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libveyon-core",
            "binary_version": "4.5.3+repack1-1build2"
        },
        {
            "binary_name": "veyon-configurator",
            "binary_version": "4.5.3+repack1-1build2"
        },
        {
            "binary_name": "veyon-master",
            "binary_version": "4.5.3+repack1-1build2"
        },
        {
            "binary_name": "veyon-plugins",
            "binary_version": "4.5.3+repack1-1build2"
        },
        {
            "binary_name": "veyon-service",
            "binary_version": "4.5.3+repack1-1build2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
vino

Package

Name
vino
Purl
pkg:deb/ubuntu/vino?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.22.0-6ubuntu3

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "vino",
            "binary_version": "3.22.0-6ubuntu3"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
x11vnc

Package

Name
x11vnc
Purl
pkg:deb/ubuntu/x11vnc?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.16-7
0.9.16-7build1
0.9.16-8

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "x11vnc",
            "binary_version": "0.9.16-8"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
Ubuntu:24.04:LTS
libvncserver

Package

Name
libvncserver
Purl
pkg:deb/ubuntu/libvncserver?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.14+dfsg-1
0.9.14+dfsg-1build1
0.9.14+dfsg-1build2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libvncclient1",
            "binary_version": "0.9.14+dfsg-1build2"
        },
        {
            "binary_name": "libvncserver1",
            "binary_version": "0.9.14+dfsg-1build2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
tightvnc

Package

Name
tightvnc
Purl
pkg:deb/ubuntu/tightvnc?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1:1.*
1:1.3.10-7
1:1.3.10-7build1
1:1.3.10-7build2
1:1.3.10-8

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tightvncpasswd",
            "binary_version": "1:1.3.10-8"
        },
        {
            "binary_name": "tightvncserver",
            "binary_version": "1:1.3.10-8"
        },
        {
            "binary_name": "xtightvncviewer",
            "binary_version": "1:1.3.10-8"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
veyon

Package

Name
veyon
Purl
pkg:deb/ubuntu/veyon?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*
4.7.5+repack1-1build2
4.7.5+repack1-1ubuntu1
4.7.5+repack1-1ubuntu3
4.7.5+repack1-1ubuntu4
4.7.5+repack1-1ubuntu5

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libveyon-core",
            "binary_version": "4.7.5+repack1-1ubuntu5"
        },
        {
            "binary_name": "veyon-configurator",
            "binary_version": "4.7.5+repack1-1ubuntu5"
        },
        {
            "binary_name": "veyon-master",
            "binary_version": "4.7.5+repack1-1ubuntu5"
        },
        {
            "binary_name": "veyon-plugins",
            "binary_version": "4.7.5+repack1-1ubuntu5"
        },
        {
            "binary_name": "veyon-service",
            "binary_version": "4.7.5+repack1-1ubuntu5"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
vino

Package

Name
vino
Purl
pkg:deb/ubuntu/vino?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.22.0-6ubuntu3
3.22.0-6ubuntu4
3.22.0-6ubuntu5

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "vino",
            "binary_version": "3.22.0-6ubuntu5"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
x11vnc

Package

Name
x11vnc
Purl
pkg:deb/ubuntu/x11vnc?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.16-9
0.9.16-9ubuntu1
0.9.16-10

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "x11vnc",
            "binary_version": "0.9.16-10"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
Ubuntu:25.10
libvncserver

Package

Name
libvncserver
Purl
pkg:deb/ubuntu/libvncserver?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.14+dfsg-1build2
0.9.15+dfsg-1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libvncclient1",
            "binary_version": "0.9.15+dfsg-1"
        },
        {
            "binary_name": "libvncserver1",
            "binary_version": "0.9.15+dfsg-1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
tightvnc

Package

Name
tightvnc
Purl
pkg:deb/ubuntu/tightvnc?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1:1.*
1:1.3.10-9
1:1.3.10-10

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tightvncpasswd",
            "binary_version": "1:1.3.10-10"
        },
        {
            "binary_name": "tightvncserver",
            "binary_version": "1:1.3.10-10"
        },
        {
            "binary_name": "xtightvncviewer",
            "binary_version": "1:1.3.10-10"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
veyon

Package

Name
veyon
Purl
pkg:deb/ubuntu/veyon?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*
4.7.5+repack1-1ubuntu6
4.7.5+repack1-1ubuntu7
4.9.7+repack1-1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libveyon-core",
            "binary_version": "4.9.7+repack1-1"
        },
        {
            "binary_name": "veyon-configurator",
            "binary_version": "4.9.7+repack1-1"
        },
        {
            "binary_name": "veyon-master",
            "binary_version": "4.9.7+repack1-1"
        },
        {
            "binary_name": "veyon-plugins",
            "binary_version": "4.9.7+repack1-1"
        },
        {
            "binary_name": "veyon-service",
            "binary_version": "4.9.7+repack1-1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
vino

Package

Name
vino
Purl
pkg:deb/ubuntu/vino?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.22.0-7ubuntu1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "vino",
            "binary_version": "3.22.0-7ubuntu1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
x11vnc

Package

Name
x11vnc
Purl
pkg:deb/ubuntu/x11vnc?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.16-10
0.9.17-1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "x11vnc",
            "binary_version": "0.9.17-1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
Ubuntu:26.04:LTS
libvncserver

Package

Name
libvncserver
Purl
pkg:deb/ubuntu/libvncserver?arch=source&distro=resolute

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.15+dfsg-1
0.9.15+dfsg-2
0.9.15+dfsg-3

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libvncclient1",
            "binary_version": "0.9.15+dfsg-3"
        },
        {
            "binary_name": "libvncserver1",
            "binary_version": "0.9.15+dfsg-3"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
tightvnc

Package

Name
tightvnc
Purl
pkg:deb/ubuntu/tightvnc?arch=source&distro=resolute

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1:1.*
1:1.3.10-10
1:1.3.10-10build1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tightvncpasswd",
            "binary_version": "1:1.3.10-10build1"
        },
        {
            "binary_name": "tightvncserver",
            "binary_version": "1:1.3.10-10build1"
        },
        {
            "binary_name": "xtightvncviewer",
            "binary_version": "1:1.3.10-10build1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
veyon

Package

Name
veyon
Purl
pkg:deb/ubuntu/veyon?arch=source&distro=resolute

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*
4.9.7+repack1-1
4.9.7+repack1-1build1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libveyon-core",
            "binary_version": "4.9.7+repack1-1build1"
        },
        {
            "binary_name": "veyon-configurator",
            "binary_version": "4.9.7+repack1-1build1"
        },
        {
            "binary_name": "veyon-master",
            "binary_version": "4.9.7+repack1-1build1"
        },
        {
            "binary_name": "veyon-plugins",
            "binary_version": "4.9.7+repack1-1build1"
        },
        {
            "binary_name": "veyon-service",
            "binary_version": "4.9.7+repack1-1build1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
x11vnc

Package

Name
x11vnc
Purl
pkg:deb/ubuntu/x11vnc?arch=source&distro=resolute

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.17-1
0.9.17-2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "x11vnc",
            "binary_version": "0.9.17-2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
Ubuntu:Pro:14.04:LTS
tightvnc

Package

Name
tightvnc
Purl
pkg:deb/ubuntu/tightvnc?arch=source&distro=esm-infra-legacy%2Ftrusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.3.9-6.4
1.3.9-6.4ubuntu1
1.3.9-6.5+deb8u1build0.14.04.1~esm1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tightvncserver",
            "binary_version": "1.3.9-6.5+deb8u1build0.14.04.1~esm1"
        },
        {
            "binary_name": "xtightvncviewer",
            "binary_version": "1.3.9-6.5+deb8u1build0.14.04.1~esm1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
Ubuntu:Pro:16.04:LTS
x11vnc

Package

Name
x11vnc
Purl
pkg:deb/ubuntu/x11vnc?arch=source&distro=esm-apps%2Fxenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.13-1.2build1
0.9.13-1.2ubuntu0.1~esm1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "x11vnc",
            "binary_version": "0.9.13-1.2ubuntu0.1~esm1"
        },
        {
            "binary_name": "x11vnc-data",
            "binary_version": "0.9.13-1.2ubuntu0.1~esm1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
Ubuntu:Pro:18.04:LTS
x11vnc

Package

Name
x11vnc
Purl
pkg:deb/ubuntu/x11vnc?arch=source&distro=esm-apps%2Fbionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.13-2
0.9.13-2build1
0.9.13-3
0.9.13-3ubuntu0.1~esm1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "x11vnc",
            "binary_version": "0.9.13-3ubuntu0.1~esm1"
        },
        {
            "binary_name": "x11vnc-data",
            "binary_version": "0.9.13-3ubuntu0.1~esm1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"
Ubuntu:Pro:20.04:LTS
x11vnc

Package

Name
x11vnc
Purl
pkg:deb/ubuntu/x11vnc?arch=source&distro=esm-apps%2Ffocal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.13-6
0.9.16-3
0.9.16-3ubuntu0.1~esm1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "x11vnc",
            "binary_version": "0.9.16-3ubuntu0.1~esm1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-44988.json"