securityonline.info 7/3/2026, 2:41:39 AM · external

UltraVNC Repeater CVE-2026-7840 lets attackers run code remotely

CyberSIXT Evidence Panel
CISA KEV: Not in KEV
Patch: Patch Available

Two critical vulnerabilities have been disclosed in the HTTP admin server of UltraVNC's repeater tool, affecting versions through 1.8.2.2. The first, CVE-2026-7840, is a global buffer overflow in the repeater's HTTP server that allows arbitrary code execution (CVSS 9.8). The second, CVE-2026-7839, is a hardcoded admin password that can be exploited remotely (CVSS 9.1).

Although no confirmed exploitation has occurred, both vulnerabilities pose significant risks as the repeater relays remote desktop sessions and is often exposed to the internet. Users are advised to update to the latest version and strengthen security measures.

Article by CyberSIXT