Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
| # | POC Description | Source Link | Shenlong Link |
|---|
| CVE-2026-7840 | 9.8 CRITICAL | UltraVNC repeater HTTP server global buffer overflow via long URI (pre-auth RCE) |
| CVE-2026-7839 | 9.1 CRITICAL | UltraVNC repeater ships hardcoded default admin password allowing unauthenticated admin ac |
| CVE-2026-7838 | 8.8 HIGH | UltraVNC viewer heap buffer overflow via integer overflow in RFB connection-failure reason |
| CVE-2026-7831 | 7.5 HIGH | UltraVNC viewer off-by-one stack overflow in ServerInit desktop name parsing |
| CVE-2026-7830 | 7.4 HIGH | UltraVNC MS-Logon II uses 64-bit Diffie-Hellman and seeded libc rand() enabling credential |
| CVE-2026-7828 | 5.3 MEDIUM | UltraVNC repeater integer overflow in win_log malloc leading to heap overflow |
| CVE-2026-44040 | 4.8 MEDIUM | UltraVNC vncauth.c uses time-seeded libc rand() to generate VNC authentication challenge b |
| CVE-2026-44041 | 4.3 MEDIUM | UltraVNC vncWc2Mb calls wcslen() before validating that the wide string is NUL-terminated |
| CVE-2026-44042 | 3.7 LOW | UltraVNC repeater wi_uudecode off-by-one in base64 decode boundary check |
No comments yet