Red Hat Product Errata RHSA-2026:10739 - Security Advisory Issued: 2026-04-27 Updated: 2026-04-27 RHSA-2026:10739 - Security Advisory Overview Updated Packages Synopsis Important: tigervnc security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for tigervnc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Security Fix(es): xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling (CVE-2026-33999) xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption (CVE-2026-34001) xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access (CVE-2026-34003) TigerVNC: x0vncserver: TigerVNC x0vncserver: Information disclosure, data manipulation, and denial of service via incorrect permissions (CVE-2026-34352) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 9 x86_64 Red Hat Enterprise Linux for IBM z Systems 9 s390x Red Hat Enterprise Linux for Power, little endian 9 ppc64le Red Hat Enterprise Linux for ARM 64 9 aarch64 Fixes BZ - 2451106 - CVE-2026-33999 xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling BZ - 2451109 - CVE-2026-34001 xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption BZ - 2451113 - CVE-2026-34003 xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access BZ - 2452022 - CVE-2026-34352 TigerVNC: x0vncserver: TigerVNC x0vncserver: Information disclosure, data manipulation, and denial of service via incorrect permissions CVEs CVE-2026-33999 CVE-2026-34001 CVE-2026-34003 CVE-2026-34352 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 9 SRPM tigervnc-1.15.0-6.el9_7.1.src.rpm SHA-256: ec9fc4d4c552fea64e50148ce37ea9ed6e1467d21f4c7946b6b1aec203474fbf x86_64 tigervnc-1.15.0-6.el9_7.1.x86_64.rpm SHA-256: 8e0e71dd776c2aaf68a7da1cdbdee4af7fbe266dd6684c0b1362db879993ce39 tigervnc-debuginfo-1.15.0-6.el9_7.1.x86_64.rpm SHA-256: 8d0be73c8ccea7ab53d5e75054de0ee7fec7b64076493405cf79168d76f6aa14 tigervnc-debugsource-1.15.0-6.el9_7.1.x86_64.rpm SHA-256: 88c932c2bffc6990f4230515fbadc91aba3b3a959865d7908af251d3be04b9d1 tigervnc-icons-1.15.0-6.el9_7.1.noarch.rpm SHA-256: b4d2447701d6b77bf7e482369f1bb152cbc8f6fa9af579b9d7f03464e82c57d7 tigervnc-license-1.15.0-6.el9_7.1.noarch.rpm SHA-256: 1194578c03e3034a48f58fae932657a224f795b2330c5882c8221679508ca1ac tigervnc-selinux-1.15.0-6.el9_7.1.noarch.rpm SHA-256: 81790d29eaa6a61bc78f65cee04bdb83539035b8e85e3aa7a444ecc3c7d1025e tigervnc-server-1.15.0-6.el9_7.1.x86_64.rpm SHA-256: 2b9fc95519b97433c6a1e338228987dc0001743a76e930561977c37d9a5bcaf8 tigervnc-server-debuginfo-1.15.0-6.el9_7.1.x86_64.rpm SHA-256: 110c91ce440240fa09a12e9d9779351b7447c656cf1e4aa396e5954145d950ac tigervnc-server-minimal-1.15.0-6.el9_7.1.x86_64.rpm SHA-256: 488751d6409e9efc9ca32a232f44497f603c80c4c30ead956e300ed9d496da4d tigervnc-server-minimal-debuginfo-1.15.0-6.el9_7.1.x86_64.rpm SHA-256: 86f489a70c911b4fd777447986acd67f884b9a4f7b80aaa2cd7ec05fa5c5fb55 tigervnc-server-module-1.15.0-6.el9_7.1.x86_64.rpm SHA-256: 305fe0df2f48cd70188bb6b1572f44dadb4aeee3fe2ff979520f2f57c68f177a tigervnc-server-module-debuginfo-1.15.0-6.el9_7.1.x86_64.rpm SHA-256: e273e24ccad4043c30aad78ec16d013665b95210023b66ab428aaf0286dba0ce Red Hat Enterprise Linux for IBM z Systems 9 SRPM tigervnc-1.15.0-6.el9_7.1.src.rpm SHA-256: ec9fc4d4c552fea64e50148ce37ea9ed6e1467d21f4c7946b6b1aec203474fbf s390x tigervnc-1.15.0-6.el9_7.1.s390x.rpm SHA-256: 09b2857dbe206228553ca7c67f601615aff7212e66fe3c54953d3b3e9d285bd7 tigervnc-debuginfo-1.15.0-6.el9_7.1.s390x.rpm SHA-256: 9d2367c2e18a6b35ba9b31cb7be561bcc66dba880705bef15155d96bc76b7166 tigervnc-debugsource-1.15.0-6.el9_7.1.s390x.rpm SHA-256: 5d17af5445e3e56fd0597d33c1dc960bfe6edbb3a8216e525e13aa4ea1ff20dd tigervnc-icons-1.15.0-6.el9_7.1.noarch.rpm SHA-256: b4d2447701d6b77bf7e482369f1bb152cbc8f6fa9af579b9d7f03464e82c57d7 tigervnc-license-1.15.0-6.el9_7.1.noarch.rpm SHA-256: 1194578c03e3034a48f58fae932657a224f795b2330c5882c8221679508ca1ac tigervnc-selinux-1.15.0-6.el9_7.1.noarch.rpm SHA-256: 81790d29eaa6a61bc78f65cee04bdb83539035b8e85e3aa7a444ecc3c7d1025e tigervnc-server-1.15.0-6.el9_7.1.s390x.rpm SHA-256: 31c424efc54e1347d4b7821161c76d136c0e5cb881b0d041be3588e99b5fad2c tigervnc-server-debuginfo-1.15.0-6.el9_7.1.s390x.rpm SHA-256: 656852585be727e50a3374f9beb2922826e7358f8c4398f2ebc7f84d818f0964 tigervnc-server-minimal-1.15.0-6.el9_7.1.s390x.rpm SHA-256: 120c6001198ba49f5b0d8eb732e5b541337d451db8a71c475511b90c5d43e83c tigervnc-server-minimal-debuginfo-1.15.0-6.el9_7.1.s390x.rpm SHA-256: 79c42cd53aaee4ad8cae21b85be71d264e6569d7a45751ccc4e5cfb45525254d tigervnc-server-module-1.15.0-6.el9_7.1.s390x.rpm SHA-256: 7500b732177c1d800f1362f4fa03fa5a80afabc7020c2cfd2ec875678ed4bfd3 tigervnc-server-module-debuginfo-1.15.0-6.el9_7.1.s390x.rpm SHA-256: b31ad5116ea8b928d57154804725b6dde270bb05fdc111dab150cae897c39a98 Red Hat Enterprise Linux for Power, little endian 9 SRPM tigervnc-1.15.0-6.el9_7.1.src.rpm SHA-256: ec9fc4d4c552fea64e50148ce37ea9ed6e1467d21f4c7946b6b1aec203474fbf ppc64le tigervnc-1.15.0-6.el9_7.1.ppc64le.rpm SHA-256: b57f33dd144dd86b3158b6ef49688e13bb0e6f2aad476014f3fed8cf850ddacc tigervnc-debuginfo-1.15.0-6.el9_7.1.ppc64le.rpm SHA-256: 34d5575d4bfd227d4a335050381df8210758511efa0b47b8d665a6435f29323d tigervnc-debugsource-1.15.0-6.el9_7.1.ppc64le.rpm SHA-256: e945b9ccccabc4a7ca3888cf16da231993be223379e7d9f908048c0992c5a88e tigervnc-icons-1.15.0-6.el9_7.1.noarch.rpm SHA-256: b4d2447701d6b77bf7e482369f1bb152cbc8f6fa9af579b9d7f03464e82c57d7 tigervnc-license-1.15.0-6.el9_7.1.noarch.rpm SHA-256: 1194578c03e3034a48f58fae932657a224f795b2330c5882c8221679508ca1ac tigervnc-selinux-1.15.0-6.el9_7.1.noarch.rpm SHA-256: 81790d29eaa6a61bc78f65cee04bdb83539035b8e85e3aa7a444ecc3c7d1025e tigervnc-server-1.15.0-6.el9_7.1.ppc64le.rpm SHA-256: e5906c54aec1094bf26b7e53bea2e95e0fa72f8028e90499003484094082c66e tigervnc-server-debuginfo-1.15.0-6.el9_7.1.ppc64le.rpm SHA-256: 28190bf566e2304ca49160ef729832f6b42413786bfc961a6084a4dc010a3acb tigervnc-server-minimal-1.15.0-6.el9_7.1.ppc64le.rpm SHA-256: 7f22254350dc65937dd9136d8248a53455b6c69f0d24fceb6baab6c21733f0c2 tigervnc-server-minimal-debuginfo-1.15.0-6.el9_7.1.ppc64le.rpm SHA-256: 1580b90afab93db53f9209fdfd91c793db54bae86d9375812ebf1655eb7955d1 tigervnc-server-module-1.15.0-6.el9_7.1.ppc64le.rpm SHA-256: 30c73d6be6a85b44703125630233f7b6bc666fe438f9882dfac3bf4c7860b8ce tigervnc-server-module-debuginfo-1.15.0-6.el9_7.1.ppc64le.rpm SHA-256: 43385e2b319dff0eb0852dbaa8fbbf6807e98e8cfc5c5af793dc943a3959c646 Red Hat Enterprise Linux for ARM 64 9 SRPM tigervnc-1.15.0-6.el9_7.1.src.rpm SHA-256: ec9fc4d4c552fea64e50148ce37ea9ed6e1467d21f4c7946b6b1aec203474fbf aarch64 tigervnc-1.15.0-6.el9_7.1.aarch64.rpm SHA-256: 0c84209efd21f7f738ada4b850f9f331c71411b57b15468765049efd608d235d tigervnc-debuginfo-1.15.0-6.el9_7.1.aarch64.rpm SHA-256: 3a2ec586ce3ddfab72452f57dc9772d3d0a05eca75b244f4acd75b304d5c539a tigervnc-debugsource-1.15.0-6.el9_7.1.aarch64.rpm SHA-256: aea2a6aa114e7529046aa7ae5f7d2cc405263f47c5b857dc0a3842d9cac2e5e8 tigervnc-icons-1.15.0-6.el9_7.1.noarch.rpm SHA-256: b4d2447701d6b77bf7e482369f1bb152cbc8f6fa9af579b9d7f03464e82c57d7 tigervnc-license-1.15.0-6.el9_7.1.noarch.rpm SHA-256: 1194578c03e3034a48f58fae932657a224f795b2330c5882c8221679508ca1ac tigervnc-selinux-1.15.0-6.el9_7.1.noarch.rpm SHA-256: 81790d29eaa6a61bc78f65cee04bdb83539035b8e85e3aa7a444ecc3c7d1025e tigervnc-server-1.15.0-6.el9_7.1.aarch64.rpm SHA-256: 0c261e57b8453671788b73a4f1f0b11c734f9cef133072953d005fd57708778b tigervnc-server-debuginfo-1.15.0-6.el9_7.1.aarch64.rpm SHA-256: eb6bb1b80d71a5d6c97ad1ba3084cf743283ea7bb6db5f624d3d0120900348fb tigervnc-server-minimal-1.15.0-6.el9_7.1.aarch64.rpm SHA-256: 47303419b31aeec2d07e0c81a0ba22b7cf81bef2293fe8dc7a6e3e2926413a1a tigervnc-server-minimal-debuginfo-1.15.0-6.el9_7.1.aarch64.rpm SHA-256: 8870d08e1233cc91bdb146f01512da95286da8fc6a1deb4a45d75c77fd1c6efe tigervnc-server-module-1.15.0-6.el9_7.1.aarch64.rpm SHA-256: 97e4a193e094cc283b3bd1ae5d1c2d8968aeaa4774b60e388cb0089b39da0c44 tigervnc-server-module-debuginfo-1.15.0-6.el9_7.1.aarch64.rpm SHA-256: 9431ed6cee3ff7cd9b2a07388a2f3d5eb9a03e64ebd299df61a270c4b002b5bf The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .