Buffer Overflow Vulnerability in LibVNCClient Affects Multiple Versions
CVE-2026-44988
8.8HIGH
What is CVE-2026-44988?
LibVNCClient is a widely used library for implementing VNC clients. Versions 0.9.15 and earlier include a vulnerability where the Tight encoding decoder utilizes fixed-size 2048-pixel scratch buffers for the Gradient filter without properly validating the dimensions of the incoming Tight rectangles. A malicious VNC server can exploit this weakness by sending specially crafted FramebufferUpdate rectangles that exceed the fixed buffer sizes, leading to a buffer overflow when processed by a LibVNCClient-based client. This flaw has been addressed with specific code changes, enhancing the security of the library.
Affected Version(s)
libvncserver <= 0.9.15
