https://www.bleepingcomputer.com/news/security/dozens-of-vnc-vulnerabilities-found-in-linux-windows-solutions/

Researchers found a total of 37 security vulnerabilities impacting four open-source Virtual Network Computing (VNC) implementations and present for the last 20 years, since 1999.

The flaws were found in LibVNC, TightVNC 1.X, TurboVNC, and UltraVNC VNC solutions examined by Kaspersky's Industrial Systems Emergency Response Team (ICS CERT) security researcher Pavel Cheremushkin — the highly popular RealVNC as not analyzed because it did not allow reverse engineering.