CVE-2026-4962 | UltraVNC up to 1.6.4.0 Service version.dll uncontrolled search path

Inserito da Angelo Barbosa | Mar 27, 2026 | CVE

A vulnerability, which was classified as problematic, was found in UltraVNC up to 1.6.4.0. Affected by this issue is some unknown functionality in the library version.dll of the component Service. The manipulation results in uncontrolled search path.

This vulnerability was named CVE-2026-4962. The attack needs to be approached locally. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-4962 | UltraVNC up to 1.6.4.0 Service version.dll uncontrolled search path

Post correlati

CVE-2024-21429 | Microsoft unknown vulnerability

CVE-2023-52470 | Linux Kernel up to 6.7.1 Radeon DRM radeon_crtc_init null pointer dereference

CVE-2024-51674 | TemplatesCoder Sastra Essential Addons for Elementor Plugin up to 1.0.5 on WordPress cross site scripting

CVE-2026-3405 | thinkgem JeeSite up to 5.15.1 Connection path traversal