🛡️ JLSEC-2026-472
⚪ Unknown ✅ No Known Exploit OSV
N/A
CVSS Score
0 Low4 Medium7 High9 Critical10

Description

A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust that they were called with values provided by an Xserver adhering to the bounds specified in the X11 protocol, as all X servers provided by X.Org do. As the protocol only specifies a single byte for these values, an out-of-bounds value provided by a malicious server (or a malicious proxy-in-the-middle) can only overwrite other portions of the Display structure and not write outside the bounds of the Display structure itself, possibly causing the client to crash with this memory corruption.

Details

Severity Unknown
CVSS Score N/A
CVSS Vector N/A
CWE N/A
Public Exploit ✅ No
Source OSV
Published 2026-05-07
Updated 2026-06-02
Modified 2026-05-07
Fix URL N/A

Affected Packages

Software From version Fixed in
xorg-libx11-jll

Similar Threats

Free Vulnerability Check

Is your WordPress site affected?

BotEraser helps you identify potentially vulnerable plugins and themes by checking your installation against known CVE records.

Scan My Site Free →

No credit card required  ·  Results in minutes

ⓘ Data Notice: The information presented above has been compiled from publicly available internet sources. Boteraser aggregates this data solely for informational purposes and does not independently classify, evaluate, or endorse any findings about the vulnerabilities listed. The accuracy and completeness of this information is the sole responsibility of the original publishers. Boteraser and its operators accept no liability for any decisions made based on this data.