CVE-2026-50263 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 1%

Debian Releases

Debian Product

Codename

xorg-server

bookworm	vulnerable
bookworm (security)	vulnerable
bullseye	vulnerable
bullseye (security)	vulnerable
forky	vulnerable
sid	2:21.1.23-1 fixed
trixie	vulnerable
trixie (security)	vulnerable

xwayland

bookworm	ignored
forky	vulnerable
sid	2:24.1.12-1 fixed
trixie	ignored

Common Weakness Enumeration

CWE-416 - Use After Free
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

Vulnerability Media Exposure

[GERMAN] X.Org X11 und Xwayland: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen in X.Org X11 und Xwayland ausnutzen, um Informationen offenzulegen, um seine Privilegien zu erhöhen, um einen Denial of Service Angriff durchzuführen, und um einen nicht näher spezifizierten Angriff durchzuführen.
Published: 2026-06-01T22:00:00+00:00

References

https://access.redhat.com/security/cve/CVE-2026-50263

https://bugzilla.redhat.com/show_bug.cgi?id=2485388

https://gitlab.freedesktop.org/xorg/xserver/-/commit/ecc634f1b2f7aa473d3a267eada98c4918bf9e05

https://lists.x.org/archives/xorg-announce/2026-June/003702.html

https://redhat.atlassian.net/browse/PSIRTSUPT-16950