101
I Use This!
Moderate Activity
Analyzed about 23 hours ago. based on code collected 1 day ago.
 

Security

Vulnerabilities per Version

Learn more about BDSAs
 
 

Major Versions

1yr
3yr
5yr
10yr
All
click and drag to zoom
 
 
Security Vulnerabilities for Version:
Severities:
Type
Identifier Related Record Severity Date Published Description Versions Affected
CVE-2026-7839 Critical Jul 01, 2026 UltraVNC repeater through 1.8.2.2 initializes the HTTP administration server with a hardcoded default password. In repeater/webgui/settings.c:197, when more...
1.6.4.0, 1.6.1.0, 1.6.0.0, 1.4.3.5, 1.4.3.1, 1.4.3.0, 1.4.2.0, 1.4.0.9, 1.4.0.8, 1.4.0.7
CVE-2026-7838 High Jul 01, 2026 UltraVNC viewer through 1.8.2.2 contains an integer overflow leading to a heap buffer overflow in the RFB protocol failure-response parsing path. In vn more...
1.6.4.0, 1.6.1.0, 1.6.0.0, 1.4.3.5, 1.4.3.1, 1.4.3.0, 1.4.2.0, 1.4.0.9, 1.4.0.8, 1.4.0.7
CVE-2026-7831 High Jul 01, 2026 UltraVNC viewer through 1.8.2.2 contains an off-by-one stack buffer overflow in the RFB ServerInit message handler. In vncviewer/ClientConnection.cpp, more...
1.6.4.0, 1.6.1.0, 1.6.0.0, 1.4.3.5, 1.4.3.1, 1.4.3.0, 1.4.2.0, 1.4.0.9, 1.4.0.8, 1.4.0.7
CVE-2026-7830 High Jul 01, 2026 UltraVNC through 1.8.2.2 uses inadequate cryptography in the MS-Logon II authentication scheme (rfbUltraVNC_MsLogonIIAuth). In rfb/dh.cpp the Diffie-He more...
1.6.4.0, 1.6.1.0, 1.6.0.0, 1.4.3.5, 1.4.3.1, 1.4.3.0, 1.4.2.0, 1.4.0.9, 1.4.0.8, 1.4.0.7
CVE-2026-7829 High Jul 01, 2026 UltraVNC repeater through 1.8.2.2 contains a post-authentication out-of-bounds write in the allow/deny rule parser. In repeater/webgui/settings.c:225-2 more...
1.6.4.0, 1.6.1.0, 1.6.0.0, 1.4.3.5, 1.4.3.1, 1.4.3.0, 1.4.2.0, 1.4.0.9, 1.4.0.8, 1.4.0.7
CVE-2026-7828 Medium Jul 01, 2026 UltraVNC repeater through 1.8.2.2 contains an integer overflow in the HTTP request logging path. In repeater/webgui/settings.c:336, the win_log() funct more...
1.6.4.0, 1.6.1.0, 1.6.0.0, 1.4.3.5, 1.4.3.1, 1.4.3.0, 1.4.2.0, 1.4.0.9, 1.4.0.8, 1.4.0.7
CVE-2026-4962 BDSA-2026-5703 High Mar 27, 2026 A security flaw has been discovered in UltraVNC up to 1.6.4.0. Affected by this issue is some unknown functionality in the library version.dll of the c more...
1.6.4.0, 1.6.1.0, 1.6.0.0
CVE-2026-44042 Low Jul 01, 2026 UltraVNC repeater through 1.8.2.2 contains an off-by-one error in the Base64 decode helper used for HTTP Basic authentication. In repeater/webgui/webut more...
1.6.4.0, 1.6.1.0, 1.6.0.0, 1.4.3.5, 1.4.3.1, 1.4.3.0, 1.4.2.0, 1.4.0.9, 1.4.0.8, 1.4.0.7
CVE-2026-44041 Medium Jul 01, 2026 UltraVNC through 1.8.2.2 contains an out-of-bounds read in the wide-string to multibyte conversion helper. In rfb/dh.cpp:204, the vncWc2Mb() function p more...
1.6.4.0, 1.6.1.0, 1.6.0.0, 1.4.3.5, 1.4.3.1, 1.4.3.0, 1.4.2.0, 1.4.0.9, 1.4.0.8, 1.4.0.7
CVE-2026-44040 Medium Jul 01, 2026 UltraVNC through 1.8.2.2 uses a cryptographically weak pseudo-random number generator to produce VNC authentication challenge bytes. In rfb/vncauth.c:1 more...
1.6.4.0, 1.6.1.0, 1.6.0.0, 1.4.3.5, 1.4.3.1, 1.4.3.0, 1.4.2.0, 1.4.0.9, 1.4.0.8, 1.4.0.7