24h | 7d | 30d

CVE-2026-50262

Overview

Red Hat
Red Hat Enterprise Linux 10
xorg-x11-server-Xwayland

05 Jun 2026

Published

05 Jun 2026

Updated

CVSS

Pending

EPSS

0.01%

MITRE

KEV

Description

An out-of-bounds read flaw was found in the X.Org X server and Xwayland in __glXDisp_ChangeDrawableAttributes(). A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosure. A write path also exists but requires byte-swapped clients which is disabled by default.

Statistics

1 Post
1 Interaction

Last activity: Last hour

Fediverse

XLibre @XLibreDev

We released the #XLibre Xserver 25.0.0.24 and 25.1.6 on Jun 05 containing #security fixes for CVE-2026-50256, CVE-2026-50257, CVE-2026-50258, CVE-2026-50259, CVE-2026-50260, CVE-2026-50261, CVE-2026-50262, and CVE-2026-50263. We recommend everyone update ASAP. https://github.com/X11Libre/xserver/releases/tag/xlibre-xserver-25.0.0.24 https://github.com/X11Libre/xserver/releases/tag/xlibre-xserver-25.1.6

#CVE

0
1
0
Last hour

CVE-2026-50260

Overview

Red Hat
Red Hat Enterprise Linux 10
xorg-x11-server-Xwayland

05 Jun 2026

Published

05 Jun 2026

Updated

CVSS

Pending

EPSS

0.01%

MITRE

KEV

Description

A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter(). A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for privilege escalation if the X server runs as root.

Statistics

1 Post
1 Interaction

Last activity: Last hour

Fediverse

XLibre @XLibreDev

#CVE

0
1
0
Last hour

Showing 51 to 52 of 52 CVEs