CVE-2026-50262
Published 2026-06-05
Priority P4 · 27 · medium · 5.5 · CVSS 3.1
AV:L / AC:L / PR:L / UI:N / S:U / C:H / I:N / A:N
EPSS: 0.13% (2.8th percentile)
An out-of-bounds read flaw was found in the X.Org X server and Xwayland in __glXDisp_ChangeDrawableAttributes(). A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosure. A write path also exists but requires byte-swapped clients, which are disabled by default.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux | — | — |
| the_x.org_foundation | xorg-x11-server | — | — |
| x.org | x_server | < 21.1.23 | 21.1.23 |
| x.org | xwayland | < 24.1.12 | 24.1.12 |
CVSS provenance
nvd · v3.1 · 5.5 · MEDIUM · CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
vendor_redhat · 5.5 · MEDIUM
Red Hat
xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds read/write in GLX ChangeDrawableAttributes
vendor_redhat·2026-06-02·CVSS 5.5
CVE-2026-50262 [MEDIUM] CWE-125 xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds read/write in GLX ChangeDrawableAttributes
An out-of-bounds read flaw was found in the X.Org X server and Xwayland in __glXDisp_ChangeDrawableAttributes(). A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosure. A write path also exists but requires byte-swapped clients, which are disabled by default.
Package: xorg-x11-server-Xwayland (Red Hat Enterprise Linux 10) - Affected
Package: xorg-x11-server (Red Hat Enterprise Linux 6) - Out of support scope
Package: xorg-x11-server (Red Hat Enterprise Linux 7) - Affected
Package: xorg-x11-server (Red Hat Enterprise Linux 8) - Affected
Package: xorg-x11-server-Xwayland (Red Hat Enterpris
VulDB
X.org X11 Server __glXDisp_ChangeDrawableAttributes out-of-bounds (Nessus ID 318745 / WID-SEC-2026-1774)
vuldb·2026-06-06·CVSS 5.5
CVE-2026-50262 [MEDIUM] X.org X11 Server __glXDisp_ChangeDrawableAttributes out-of-bounds (Nessus ID 318745 / WID-SEC-2026-1774)
A vulnerability has been found in X.org X11 Server and classified as problematic. Affected is the function __glXDisp_ChangeDrawableAttributes. This manipulation causes out-of-bounds read.
This vulnerability is tracked as CVE-2026-50262. The attack is restricted to local execution. No exploit exists.
GHSA
An out-of-bounds read flaw was found in the X.Org X server and Xwayland in __glXDisp_ChangeDrawableAttributes().
ghsa_unreviewed·2026-06-05
CVE-2026-50262 [MEDIUM] CWE-125 An out-of-bounds read flaw was found in the X.Org X server and Xwayland in __glXDisp_ChangeDrawableAttributes().
An out-of-bounds read flaw was found in the X.Org X server and Xwayland in __glXDisp_ChangeDrawableAttributes(). A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosure. A write path also exists but requires byte-swapped clients, which are disabled by default.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2026-50262 xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds read/write in GLX ChangeDrawableAttributes
bugzilla·2026-06-05·CVSS 5.5
CVE-2026-50262 [MEDIUM] CVE-2026-50262 xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds read/write in GLX ChangeDrawableAttributes
A wrong size validation check in __glXDisp_ChangeDrawableAttributes() can read (or write) a client-controlled number of bytes, exceeding the request buffer. The write path requires byte-swapped clients, which are disabled by default. The read can lead to information disclosure; the write can crash the server or enable privilege escalation if the X server runs as root.
Any X client that can connect to the server can trigger this issue.
Components affected: xorg-x11-server, xorg-x11-server-Xwayland
Versions affected: xorg-x11-server <= 21.1.22, xorg-x11-server-Xwayland <= 24.1.9
Fixed upstream in xorg-server-21.1.23 and xwayland-24.1.12.
Fix: https://gitlab.fr
Rapid7
Patch Tuesday - June 2026
blogs_rapid7·2026-06-09·CVSS 7.8
CVE-2026-33825 [HIGH] Patch Tuesday - June 2026
Microsoft is publishing 200 vulnerabilities on June 2026 Patch Tuesday. Microsoft is not aware of exploitation in the wild for any of these vulnerabilities, and is aware of public disclosure for three. This is similar to last month’s Patch Tuesday, however several of last month’s vulnerabilities ended up on CISA KEV in the days following their publication. So far this month, Microsoft has provided patches to address 360 browser vulnerabilities, which is an order of magnitude more than has been typical in any given month over the past few years. As usual, browser vulns are not included in the Patch Tuesday count above. Indeed, the vast, and presumably sustained, uptick in the number of browser vulnerabilities has led to Microsoft no longer enumerating Chromium CVEs in the Security Update G
https://access.redhat.com/errata/RHSA-2026:26562
https://access.redhat.com/errata/RHSA-2026:26566
https://access.redhat.com/errata/RHSA-2026:26590
https://access.redhat.com/errata/RHSA-2026:26610
https://access.redhat.com/errata/RHSA-2026:26709
https://access.redhat.com/errata/RHSA-2026:28923
https://access.redhat.com/errata/RHSA-2026:29844
https://access.redhat.com/security/cve/CVE-2026-50262
https://bugzilla.redhat.com/show_bug.cgi?id=2485387
https://gitlab.freedesktop.org/xorg/xserver/-/commit/6d459e4daf715bea8abdafa8fb130be2f8a1d145
https://lists.x.org/archives/xorg-announce/2026-June/003702.html
https://redhat.atlassian.net/browse/PSIRTSUPT-16950
Published: 2026-06-05