Vulnerabilities > CVE-2025-26596 - Out-of-bounds Write vulnerability in multiple products

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
tigervnc
x-org
redhat
CWE-787
NVD
Published: 2025-02-25
Updated: 2025-05-08

Summary

A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms() differs from what is written in XkbWriteKeySyms(), which may lead to a heap-based buffer overflow.

Vulnerable Configurations

Part Description Count
Application
Tigervnc
1
Application
X.Org
302
OS
Redhat
3

Common Weakness Enumeration (CWE)

References