Heap Out-of-Bounds Read Vulnerability in LibVNCServer
CVE-2026-32853

6.9MEDIUM

Key Information:

Vendor: Libvnc
Status: Libvncserver
Vendor: CVE Published:; 24 March 2026

What is CVE-2026-32853?

LibVNCServer, specifically versions 0.9.15 and earlier, presents a vulnerability in the UltraZip encoding handler, characterized by a heap out-of-bounds read. This vulnerability can be exploited by malicious VNC servers, which manipulate subrectangle header counts to bypass proper bounds checking in the HandleUltraZipBPP() function. Such exploitation may lead to the disclosure of sensitive information or cause an unexpected application crash, making it critical for users to upgrade to the patched version available in commit 009008e.

Affected Version(s)

LibVNCServer 0 <= 0.9.15

LibVNCServer 009008e2f4d5a54dd71f422070df3af7b3dbc931

References

https://github.com/LibVNC/libvncserver/security/advisorie...

vendor-advisory

https://github.com/LibVNC/libvncserver/commit/009008e2f4d...

patch

https://www.vulncheck.com/advisories/libvncserver-ultrazi...

third-party-advisory

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 24, 2026
Vulnerability Reserved
Mar 16, 2026

Credit

Kazuma Matsumoto, a security researcher at GMO Cybersecurity by IERAE, Inc.

CVE-2026-32853 Data

JSON

Libvnc

What is CVE-2026-32853?

Affected Version(s)

References

CVSS V4

Timeline

Credit