CVE Catalog

CVE-2026-34002

MediumCVSS 6.1
Published: Updated: Translated: NVD NIST

Summary

A flaw was found in the X.Org X server related to an out-of-bounds read affecting XKB modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, leading to reading beyond intended memory boundaries.

Risk Assessment

This vulnerability can lead to the exposure of sensitive information or cause the server to crash, resulting in a denial of service. Organizations should be aware of the potential risks associated with access to the X11 server.

Recommendation

It is recommended to update the X.Org X server to the latest version to patch this vulnerability and to restrict access to the X11 server to trusted users.

Original NVD description (English source)

A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory boundaries. This can lead to the exposure of sensitive information or cause the server to crash, resulting in a denial of service.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS