CVE-2026-7831 – UltraVNC
“One exposed remote access service can become the fastest path into your environment.”
UltraVNC released fixes for multiple Critical and High-severity vulnerabilities affecting the Repeater and Viewer components through version 1.8.2.2. The issues include a hardcoded default administrator password, pre-authentication remote code execution, buffer overflows, insecure cryptography, and memory corruption. Together, these vulnerabilities could allow attackers to gain unauthorized administrative access, execute arbitrary code, expose credentials, or crash affected systems.
CVE-2026-7840 has a CVSS score of 9.8, which is Critical severity. CVE-2026-7839 has a CVSS score of 9.1, which is Critical severity. CVE-2026-7838 has a CVSS score of 8.8, which is High severity. CVE-2026-7831 has a CVSS score of 7.5, which is High severity. CVE-2026-7830 has a CVSS score of 7.4, which is High severity. CVE-2026-7829 has a CVSS score of 7.2, which is High severity. Verified exploitation has not been reported.
Key Details
- Affected Product
- Uvnc Ultravnc
- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- Required
- CWE Classification
- CWE-193