CVE-2026-50257
- EPSS 0.14%
- Veröffentlicht 05.06.2026 10:31:22
- Zuletzt bearbeitet 09.07.2026 13:17:25
A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence(). A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence ...
CVE-2026-34002
- EPSS 0.49%
- Veröffentlicht 05.05.2026 16:16:11
- Zuletzt bearbeitet 08.06.2026 05:16:31
A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes t...
CVE-2026-34000
- EPSS 0.49%
- Veröffentlicht 05.05.2026 16:16:11
- Zuletzt bearbeitet 08.06.2026 05:16:30
A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the `CheckSetGeom()` and `XkbAddGeomKeyAlias` functions, allows an attacker to read uninitialized or out-of-bounds memor...
CVE-2025-62230
- EPSS 0.27%
- Veröffentlicht 30.10.2025 05:19:40
- Zuletzt bearbeitet 01.07.2026 15:13:56
A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can c...
CVE-2025-62231
- EPSS 0.28%
- Veröffentlicht 30.10.2025 05:15:39
- Zuletzt bearbeitet 01.07.2026 15:17:04
A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap() function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation m...
CVE-2022-49737
- EPSS 0.31%
- Veröffentlicht 16.03.2025 00:00:00
- Zuletzt bearbeitet 15.04.2026 00:35:42
In X.Org X server 20.11 through 21.1.16, when a client application uses easystroke for mouse gestures, the main thread modifies various data structures used by the input thread without acquiring a lock, aka a race condition. In particular, AttachDevi...
CVE-2025-26601
- EPSS 0.36%
- Veröffentlicht 25.02.2025 16:15:39
- Zuletzt bearbeitet 29.06.2026 21:16:35
A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger() is called. If one of the chang...
CVE-2025-26600
- EPSS 0.36%
- Veröffentlicht 25.02.2025 16:15:39
- Zuletzt bearbeitet 29.06.2026 21:16:34
A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still frozen, the events queued for that device remain while the device is freed. Replaying the events will cause a use-after-free.
CVE-2025-26599
- EPSS 0.37%
- Veröffentlicht 25.02.2025 16:15:39
- Zuletzt bearbeitet 29.06.2026 21:16:34
An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect() may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow() will return a BadAlloc error without validating the win...
CVE-2025-26594
- EPSS 0.36%
- Veröffentlicht 25.02.2025 16:15:38
- Zuletzt bearbeitet 29.06.2026 21:16:33
A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free.