CVE-2026-3787
Published 2026-03-08
Priority P4 · CVSS 3.1 base 7.0 (HIGH) · AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS 0.17% (6.1 percentile)
UltraVNC 1.6.4.0 on Windows resolves cryptbase.dll through an uncontrolled search path (CWE-426) in its Windows Service component; the exact function is not identified. Because the service loads the DLL by name rather than from a fixed, trusted location, a DLL of that name placed in a directory that Windows searches before System32 (the classic DLL search-order hijack) can be loaded into the service by a local, low-privileged user. The attack requires local access and is rated high complexity; exploitability is reported as difficult. The vendor was contacted early about this disclosure but did not respond in any way.
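An added audit script for the weakness class described above (CWE-426, DLL search-order hijacking of a Windows service). It is not part of the advisory and not UltraVNC code. It assumes the UltraVNC service is registered as `uvnc_service` (override with `-ServiceName` if yours differs) and that the shell is elevated so `Get-Acl` can read the installation directory. It checks the four preconditions a hijack needs: the DLL is not a KnownDLL, the search order is the default one, a shadow copy of the DLL sits beside the service binary, and a broad principal can create files in that directory.

```powershell
# Added audit script (not from the advisory, not UltraVNC code).
# Assumptions: service name 'uvnc_service'; run from an elevated shell.
param(
    [string]$ServiceName = 'uvnc_service',
    [string]$DllName     = 'cryptbase.dll'
)

$svc = Get-CimInstance Win32_Service -Filter "Name='$ServiceName'"
if (-not $svc) { throw "Service '$ServiceName' is not installed" }

# PathName may be quoted and may carry arguments; keep only the executable.
$exe = if ($svc.PathName -match '^"([^"]+)"') { $Matches[1] } else { ($svc.PathName -split '\s+')[0] }
$appDir = Split-Path -Parent $exe
"Service binary  : $exe"
"Runs as         : $($svc.StartName)"

# 1. KnownDLLs are always mapped from System32, whatever the search order.
#    A DLL that is NOT listed there is located through the regular search,
#    which begins in the application directory of the loading process.
$knownKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs'
$isKnown  = (Get-ItemProperty $knownKey).PSObject.Properties |
            Where-Object { $_.Value -is [string] -and $_.Value -ieq $DllName }
"KnownDLLs entry : $(if ($isKnown) { 'present (search-order hijack blocked)' } else { 'absent (resolved via search order)' })"

# 2. SafeDllSearchMode (on by default) demotes the current directory in the
#    search order; it does nothing about the application directory.
$sm = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager' `
        -Name SafeDllSearchMode -ErrorAction SilentlyContinue
"SafeDllSearch   : $(if ($null -eq $sm) { 'not set (enabled by default)' } else { $sm.SafeDllSearchMode })"

# 3. A copy of the DLL beside the service binary shadows the System32 copy and
#    is the primary indicator that a hijack has been staged.
$planted = Join-Path $appDir $DllName
if (Test-Path $planted) {
    $sig = Get-AuthenticodeSignature $planted
    "PLANTED DLL     : $planted (signature $($sig.Status), signer '$($sig.SignerCertificate.Subject)')"
} else {
    "Planted DLL     : none in $appDir"
}

# 4. Can a low-privileged user create files in the application directory?
#    CreateFiles (0x2), GenericWrite (0x40000000) and GenericAll (0x10000000)
#    granted to a broad principal each allow planting the DLL.
$broad     = 'BUILTIN\Users', 'NT AUTHORITY\Authenticated Users', 'Everyone', 'NT AUTHORITY\INTERACTIVE'
$writeBits = 0x2 -bor 0x40000000 -bor 0x10000000
$weakAces  = (Get-Acl $appDir).Access | Where-Object {
    $_.AccessControlType -eq 'Allow' -and
    $broad -contains $_.IdentityReference.Value -and
    (([int]$_.FileSystemRights) -band $writeBits) -ne 0
}
if ($weakAces) {
    $weakAces | ForEach-Object { "WRITABLE        : $appDir grants $($_.FileSystemRights) to $($_.IdentityReference)" }
} else {
    "Directory ACL   : no broad write/create rights on $appDir"
}
```

Operationally, the hijack is only practical when check 4 fails, so the first mitigation is to keep the service under a directory with default Program Files ACLs and to remove any stray cryptbase.dll found by check 3. The developer-side fix for this class is to stop relying on the search order: load system DLLs with `LoadLibraryEx` and `LOAD_LIBRARY_SEARCH_SYSTEM32`, call `SetDefaultDllDirectories` early in the process, or pass a fully qualified `%SystemRoot%\System32` path.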
Affected
1 range (no version bounds or fix recorded; the description names 1.6.4.0)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| uvnc | ultravnc | — | — |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.0 | HIGH | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
| nvd | v4.0 | 6.4 | MEDIUM | CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| nvd | v2.0 | 6.0 | MEDIUM | AV:L/AC:H/Au:S/C:C/I:C/A:C |
| ghsa | — | 6.5 | MEDIUM | — |
GHSA · 2026-06-10 · CVSS 6.5 [MEDIUM] · CWE-22
CVE-2026-47764: PDM wheel installation leads to Path Traversal via overridden write_to_fs
InstallDestination.write_to_fs() in src/pdm/installers/installers.py overrides the base class to add symlink/hardlink support, but replaces the safe _path_with_destdir() (which validates the target via Path.resolve() followed by is_relative_to()) with a bare os.path.join() that performs no path validation. A malicious wheel containing traversal entries (member names with ../ components) can therefore write arbitrary files outside the installation directory. Same class as Poetry CVE-2026-34591. Fix ready at: https://github.com/pdm-project/pdm/pull/3787.
GHSA
GHSA-97cv-xr93-496p · ghsa_unreviewed · 2026-03-09
CVE-2026-3787 [HIGH] CWE-426
(Description identical to the NVD text above.)
No detection rules found.
No public exploits indexed.
Wiz
CVE-2026-3787 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz · indexed as CVSS 9.3 [CRITICAL] (the Wiz page itself reports 7.3 HIGH)
## CVE-2026-3787: UltraVNC vulnerability analysis and mitigation
(Description identical to the NVD text above. Source: NVD.)
Score: 7.3
Published: March 8, 2026
Severity: HIGH
CNA Score: 7.3
Affected Technologies: UltraVNC
Has Public Exploit: No
Has CISA KEV Exploit: No
CISA KEV Release Date: N/A
CISA KEV Due Date: N/A
Exploitation Probability Percentile (EPSS): 0.4
Exploitation Probability (EPSS): N/A
Wiz
CVE-2026-4962 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz · indexed as CVSS 9.3 [CRITICAL] (the Wiz page itself reports 7.3 HIGH)
## CVE-2026-4962: UltraVNC vulnerability analysis and mitigation
UltraVNC up to 1.6.4.0 resolves version.dll through an uncontrolled search path in its Service component; the affected function is not identified. The attack requires local access and is of high complexity; exploitation is known to be difficult. An exploit has been released publicly and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Source: NVD
Score: 7.3
Published: March 27, 2026
Severity: HIGH
CNA Score: 7.3
Affected Technologies: UltraVNC
Has Public Exploit: Yes
Has CISA KEV Exploit: No
CISA KEV Release Date: N/A
CISA KEV Due Date: N