PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-50258 Red Hat CVE debrief

CVE-2026-50258 is a HIGH severity vulnerability in X.Org X server and Xwayland, with a CVSS score of 7.8. A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has multiple stack buffers sized XkbMaxShiftLevel * XkbNumKbdGroups but CheckKeyTypes() does not verify or clamp non-canonical key types to XkbMaxShiftLevel. A client can change key types to excessive shift levels and trigger stack overflows. This is caused by an incomplete fix of CVE-2025-26597. This may be used to crash the server, or for privilege escalation if the X server runs as root.

Vendor
Red Hat
Product
Red Hat Enterprise Linux 10
CVSS
HIGH 7.8
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-05
Original CVE updated
2026-06-08
Advisory published
2026-06-05
Advisory updated
2026-06-08

Who should care

Users of X.Org X server and Xwayland should apply patches or mitigations to prevent exploitation.

Technical summary

The vulnerability exists in the X.Org X server and Xwayland due to a stack-based buffer overflow flaw. The X server has multiple stack buffers sized XkbMaxShiftLevel * XkbNumKbdGroups but CheckKeyTypes() does not verify or clamp non-canonical key types to XkbMaxShiftLevel.

Defensive priority

HIGH

Recommended defensive actions

  • Apply patches or updates from vendors
  • Restrict access to the X server
  • Monitor for suspicious activity

Evidence notes

The vulnerability was caused by an incomplete fix of CVE-2025-26597.

Official resources

CVE-2026-50258 was published on 2026-06-05T12:16:39.070Z and modified on 2026-06-08T16:46:48.723Z.