PatchSiren cyber security CVE debrief
CVE-2026-44042 uvnc CVE debrief
CVE-2026-44042 is a low-severity vulnerability in UltraVNC repeater through version 1.8.2.2. The issue is an off-by-one error in the Base64 decode helper used for HTTP Basic authentication, which could potentially lead to a one-byte write at the boundary of a 1024-byte stack buffer under constrained conditions. This vulnerability exists in the wi_uudecode() function in repeater/webgui/webutils.c at line 817. The function incorrectly checks the input length with a strict greater-than comparison (>), instead of a greater-than-or-equal (>=) check. This leaves a latent off-by-one condition that could become exploitable if buffering constraints change. The CVSS score is 3.7 (Low severity). Users of UltraVNC repeater versions prior to a fixed version should apply patches or mitigations to prevent potential exploitation.
- Vendor
- uvnc
- Product
- UltraVNC
- CVSS
- LOW 3.7
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-01
- Original CVE updated
- 2026-07-09
- Advisory published
- 2026-07-01
- Advisory updated
- 2026-07-09
Who should care
Users of UltraVNC repeater versions prior to a fixed version should apply patches or mitigations to prevent potential exploitation. This includes operators, administrators, and security teams responsible for managing and securing UltraVNC repeater deployments. They should review the supplied official advisory or CVE record to validate affected scope, severity, and vendor guidance.
Technical summary
The vulnerability exists in the wi_uudecode() function in repeater/webgui/webutils.c at line 817. The function incorrectly checks the input length with a strict greater-than comparison (>), instead of a greater-than-or-equal (>=) check. This leaves a latent off-by-one condition that could become exploitable if buffering constraints change. The CVSS score is 3.7 (Low severity). The current risk is limited to a one-byte write at the boundary of a 1024-byte stack buffer under constrained conditions. However, the defective check could become exploitable if the buffering constraints change.
Defensive priority
Apply patches or updates from the vendor as soon as available. Review and adjust configurations to limit exposure. Monitor for and respond to potential exploitation attempts.
Recommended defensive actions
- Apply patches or updates from the vendor as soon as available
- Review and adjust configurations to limit exposure
- Monitor for and respond to potential exploitation attempts
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up
- Review compensating controls for exposed systems while remediation is scheduled and verified
- Check relevant monitoring, detection, and logs for exposed assets that need extra review
- Track exceptions, retest remediated assets, and close the item only after evidence is documented
Evidence notes
The CVE record was published on 2026-07-01T05:16:21.153Z and was last modified on 2026-07-09T06:16:21.157Z. The NVD entry is currently Modified. The vulnerability details are based on the information provided in the CVE record and NVD entry. However, the details are limited, and defenders should verify the affected scope and severity with the vendor or other reliable sources. The off-by-one error in the Base64 decode helper used for HTTP Basic authentication could potentially lead to a one-byte write at the boundary of a 1024-byte stack buffer under constrained conditions.
Official resources
-
CVE-2026-44042 CVE record
CVE.org
-
CVE-2026-44042 NVD detail
NVD
-
Source item URL
nvd_modified
-
Source reference
33c584b5-0579-4c06-b2a0-8d8329fcab9c - Product
-
Mitigation or vendor reference
33c584b5-0579-4c06-b2a0-8d8329fcab9c - Product, Release Notes
-
Source reference
33c584b5-0579-4c06-b2a0-8d8329fcab9c
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-01T05:16:21.153Z and has not been modified since then.