CVE-2025-26596

Published Feb 25, 2025

Last updated 14 days ago

CVSS high 7.8

Overview

Description
A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms() differs from what is written in XkbWriteKeySyms(), which may lead to a heap-based buffer overflow.
Source
secalert@redhat.com
NVD status
Modified

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

secalert@redhat.com
CWE-787
nvd@nist.gov
CWE-787

Social media

Hype score
Not currently trending

  1. 🚨 CVE-2025-26596 🔴 HIGH (7.8) 🏢 Red Hat - Red Hat Enterprise Linux 6 🏗️ None 🔗 https://t.co/kj8B0bhhJz 🔗 https://t.co/HQGUSrpXP1 #CyberCron #VulnAlert @RedHat https://t.co/D2zIbSsJPC

    @cybercronai

    27 Feb 2025

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-26596 A heap overflow flaw was found in https://t.co/NfcYnrk5RQ and Xwayland. The computation of the length in XkbSizeKeySyms() differs from what is written in XkbWriteKeySyms(), which may l… https://t.co/ISW2qpdjAL

    @CVEnew

    25 Feb 2025

    322 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References