25/06/2026

ZDI-26-397: X.Org Server CreateSaverWindow Use-After-Free Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 5.5. The following CVEs are assigned: CVE-2026-50263.

Comments are closed.

You may also like

ZDI-26-205: (Pwn2Own) Canon imageCLASS MF654Cdw PJCC Request Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

ZDI-26-245: (0Day) aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability