Out-of-Bounds Write in UltraVNC Repeater Affects Admin Credentials
CVE-2026-7829

7.2HIGH

Key Information:

Vendor

Uvnc

Status
Vendor
CVE Published:
1 July 2026

What is CVE-2026-7829?

The UltraVNC Repeater prior to version 1.8.2.2 is susceptible to a post-authentication out-of-bounds write vulnerability within its allow/deny rule parser. This occurs due to insufficient boundary checks during the handling of rule tokens, leading to the potential overwriting of adjacent stack data. Authorized administrators who save overly long token lengths can trigger this flaw, allowing attackers with admin credentials to gain unauthorized code execution on the repeater host, consequently jeopardizing system security.

Affected Version(s)

UltraVNC 0 <= 1.8.2.2

References

CVSS V3.1

Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Arjun Basnet, Securin (arjun.basnet@securin.io)
.