By vendor

Freedesktop vulnerabilities

Known CVEs affecting Freedesktop products, prioritized by severity, with SEC.co remediation and detection guidance.

1 published vulnerability

  • CVE-2026-50292HIGH 7.4

    CVE-2026-50292 is a privilege escalation vulnerability in libinput, a widely-used input device handling library. The flaw allows an attacker with local access to craft malicious device properties that libinput-device-group fails to properly sanitize, leading to injection of arbitrary udev properties. This injection can result in arbitrary code execution with root privileges. The vulnerability affects libinput versions before 1.30.4 and all 1.31.x versions before 1.31.3.