Neat VNC server library crashes with malicious connection
DEBIAN-CVE-2026-42859
Summary
A malicious user can crash the Neat VNC server by sending a specially crafted connection request before authenticating. This could cause the server to stop working. Update to version 0.9.6 or later to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Debian:12 | debian | neatvnc | All versions |
| Debian:13 | debian | neatvnc | All versions |
| Debian:14 | debian | neatvnc | All versions |
Original title
Neat VNC is a VNC server library. Prior to 0.9.6, a pre-authentication stack buffer overflow exists in neatvnc in the RSA-AES security type handler. An unauthenticated remote attacker who can reach...
Original description
Neat VNC is a VNC server library. Prior to 0.9.6, a pre-authentication stack buffer overflow exists in neatvnc in the RSA-AES security type handler. An unauthenticated remote attacker who can reach the VNC listening socket can send a crafted security type 5 (RSA-AES) or security type 129 (RSA-AES-256) handshake with an oversized client RSA public key, causing rsa_aes_send_challenge in src/auth/rsa-aes.c to overflow a 1024-byte on-stack buffer when encrypting the server challenge. This results in at least a denial of service via server crash. This vulnerability is fixed in 0.9.6.
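The description comes down to one missing bound: a ciphertext whose length is set by the client's key is written into a fixed 1024-byte stack buffer. The following is an added illustration of the defensive pattern, not neatvnc's code and not a reconstruction of src/auth/rsa-aes.c. It assumes the client key arrives as a u32 bit length followed by a modulus and exponent of ceil(bits/8) bytes each, and that the RSA ciphertext is one modulus width; both are assumptions about the RSA-AES exchange, and the encryption itself is stubbed.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* On-stack challenge buffer size named in the advisory, and the largest RSA
 * modulus (in bits) whose ciphertext still fits in it. */
#define CHALLENGE_BUF_SIZE 1024u
#define MAX_CLIENT_KEY_BITS (CHALLENGE_BUF_SIZE * 8u)

/* Assumed wire layout: u32 bit length, then modulus and exponent of ceil(bits/8) bytes. */
struct client_rsa_key { uint32_t bits; const uint8_t *modulus; const uint8_t *exponent; };

/* RSA ciphertext is one modulus width; 64-bit math so a hostile count cannot wrap. */
size_t rsa_ciphertext_len(uint32_t bits) { return (size_t)(((uint64_t)bits + 7u) / 8u); }

/* Reject a key before anything is sized from it: 0 accept, -1 empty, -2 too large. */
int validate_client_key_len(uint32_t bits)
{
    if (bits == 0) return -1;
    if (bits > MAX_CLIENT_KEY_BITS) return -2;
    return 0;
}

/* Parse [u32 bits][modulus][exponent]; fails closed on oversized or truncated input. */
int parse_client_key(const uint8_t *msg, size_t msg_len, struct client_rsa_key *out)
{
    if (msg_len < 4) return -3;
    uint32_t bits = ((uint32_t)msg[0] << 24) | ((uint32_t)msg[1] << 16) |
                    ((uint32_t)msg[2] << 8) | msg[3];
    int rc = validate_client_key_len(bits);
    if (rc != 0) return rc;
    size_t n = rsa_ciphertext_len(bits);
    if (msg_len - 4 < 2 * n) return -3;  /* modulus or exponent truncated */
    out->bits = bits; out->modulus = msg + 4; out->exponent = msg + 4 + n;
    return 0;
}

/* Challenge step: the ciphertext lands in a fixed 1024-byte stack buffer, so its
 * length is compared with sizeof(buf) first. That comparison is the missing check. */
int encrypt_challenge_into_stack_buf(const struct client_rsa_key *key, size_t *ct_len)
{
    uint8_t buf[CHALLENGE_BUF_SIZE];
    size_t n = rsa_ciphertext_len(key->bits);
    if (n > sizeof(buf)) return -2;  /* would overflow: refuse the handshake instead */
    memset(buf, 0, n);  /* stand-in for RSA-encrypting the 16-byte challenge into buf */
    *ct_len = n;
    return 0;
}
```

A 2048-bit key yields a 256-byte ciphertext and is accepted; anything above 8192 bits is refused at parse time, and the encrypt step independently refuses it against sizeof(buf), so neither check relies on the other.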
CVSS 4.0 score (OSV): 9.9
- https://security-tracker.debian.org/tracker/CVE-2026-42859 (Vendor Advisory)
Published: 11 May 2026 · Updated: 14 May 2026 · First seen: 14 May 2026