{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-34002","assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","state":"PUBLISHED","assignerShortName":"redhat","dateReserved":"2026-03-25T04:53:13.615Z","datePublished":"2026-05-05T14:41:10.065Z","dateUpdated":"2026-06-08T03:30:19.183Z"},"containers":{"cna":{"title":"Xorg: xwayland: x.org x server: information disclosure or denial of service via out-of-bounds read in xkb modifier map handling","metrics":[{"other":{"content":{"value":"Moderate","namespace":"https://access.redhat.com/security/updates/classification/"},"type":"Red Hat severity rating"}},{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"LOW","baseScore":6.1,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L","version":"3.1"},"format":"CVSS"}],"descriptions":[{"lang":"en","value":"A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory boundaries. This can lead to the exposure of sensitive information or cause the server to crash, resulting in a denial of service."}],"affected":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10.0 Extended Update Support","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","defaultStatus":"affected","versions":[{"version":"0:24.1.5-6.el10_0","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","defaultStatus":"affected","versions":[{"version":"0:1.1.0-25.el6_10.16","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/o:redhat:rhel_els:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","defaultStatus":"affected","versions":[{"version":"0:1.20.4-34.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","defaultStatus":"affected","versions":[{"version":"0:1.8.0-36.el7_9.4","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","defaultStatus":"affected","versions":[{"version":"0:1.20.10-4.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","defaultStatus":"affected","versions":[{"version":"0:1.11.0-8.el8_4.15","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","defaultStatus":"affected","versions":[{"version":"0:1.20.10-4.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","defaultStatus":"affected","versions":[{"version":"0:1.11.0-8.el8_4.15","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","defaultStatus":"affected","versions":[{"version":"0:21.1.3-2.el8_6.6","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","defaultStatus":"affected","versions":[{"version":"0:1.20.11-7.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","defaultStatus":"affected","versions":[{"version":"0:1.12.0-6.el8_6.17","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","defaultStatus":"affected","versions":[{"version":"0:1.12.0-6.el8_6.17","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","defaultStatus":"affected","versions":[{"version":"0:21.1.3-2.el8_6.6","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","defaultStatus":"affected","versions":[{"version":"0:1.20.11-7.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","defaultStatus":"affected","versions":[{"version":"0:21.1.3-2.el8_6.6","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","defaultStatus":"affected","versions":[{"version":"0:1.20.11-7.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","defaultStatus":"affected","versions":[{"version":"0:21.1.3-13.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","defaultStatus":"affected","versions":[{"version":"0:1.20.11-18.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","defaultStatus":"affected","versions":[{"version":"0:1.12.0-15.el8_8.17","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","defaultStatus":"affected","versions":[{"version":"0:21.1.3-13.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","defaultStatus":"affected","versions":[{"version":"0:1.20.11-18.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","defaultStatus":"affected","versions":[{"version":"0:1.12.0-15.el8_8.17","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","defaultStatus":"affected","versions":[{"version":"0:21.1.3-5.el9_0","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","defaultStatus":"affected","versions":[{"version":"0:1.20.11-13.el9_0","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","defaultStatus":"affected","versions":[{"version":"0:1.11.0-22.el9_0.17","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","defaultStatus":"affected","versions":[{"version":"0:21.1.3-10.el9_2","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","defaultStatus":"affected","versions":[{"version":"0:1.20.11-20.el9_2","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","defaultStatus":"affected","versions":[{"version":"0:1.12.0-14.el9_2.14","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","defaultStatus":"affected","versions":[{"version":"0:1.20.11-28.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream","cpe:/a:redhat:rhel_eus:9.4::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","defaultStatus":"affected","versions":[{"version":"0:22.1.9-8.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","defaultStatus":"affected","versions":[{"version":"0:1.13.1-8.el9_4.9","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","defaultStatus":"affected","versions":[{"version":"0:1.20.11-33.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/a:redhat:rhel_eus:9.6::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","defaultStatus":"affected","versions":[{"version":"0:23.2.7-6.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/a:redhat:rhel_eus:9.6::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","defaultStatus":"affected","versions":[{"version":"0:1.14.1-10.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","defaultStatus":"unknown","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:20547","name":"RHSA-2026:20547","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:20555","name":"RHSA-2026:20555","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:20557","name":"RHSA-2026:20557","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:20558","name":"RHSA-2026:20558","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:20560","name":"RHSA-2026:20560","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:20561","name":"RHSA-2026:20561","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:20562","name":"RHSA-2026:20562","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:20563","name":"RHSA-2026:20563","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:20575","name":"RHSA-2026:20575","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:20576","name":"RHSA-2026:20576","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:20590","name":"RHSA-2026:20590","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:21699","name":"RHSA-2026:21699","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:21712","name":"RHSA-2026:21712","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:21715","name":"RHSA-2026:21715","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:21716","name":"RHSA-2026:21716","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:21718","name":"RHSA-2026:21718","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:21741","name":"RHSA-2026:21741","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:21742","name":"RHSA-2026:21742","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:22424","name":"RHSA-2026:22424","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:22456","name":"RHSA-2026:22456","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:23254","name":"RHSA-2026:23254","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:23255","name":"RHSA-2026:23255","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:23496","name":"RHSA-2026:23496","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:24341","name":"RHSA-2026:24341","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/security/cve/CVE-2026-34002","tags":["vdb-entry","x_refsource_REDHAT"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451112","name":"RHBZ#2451112","tags":["issue-tracking","x_refsource_REDHAT"]}],"datePublic":"2026-05-05T14:01:46.686Z","problemTypes":[{"descriptions":[{"cweId":"CWE-805","description":"Buffer Access with Incorrect Length Value","lang":"en","type":"CWE"}]}],"x_redhatCweChain":"CWE-805: Buffer Access with Incorrect Length Value","workarounds":[{"lang":"en","value":"To mitigate this vulnerability, restrict access to the X11 server. If the X.Org X server is not required on a system, consider disabling or uninstalling it. For systems where the X server is necessary, ensure that access is limited to trusted users and networks. This can involve configuring `xhost` or implementing firewall rules to restrict connections to the X server. Any changes to X server configuration or service status may require a restart of the X server for the mitigation to take effect, which will impact active graphical sessions."}],"timeline":[{"lang":"en","time":"2026-03-25T07:09:50.953Z","value":"Reported to Red Hat."},{"lang":"en","time":"2026-05-05T14:01:46.686Z","value":"Made public."}],"credits":[{"lang":"en","value":"Red Hat would like to thank Jan-Niklas Sohn (TrendAI Zero Day Initiative) for reporting this issue."}],"providerMetadata":{"orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat","dateUpdated":"2026-06-08T03:30:19.183Z"},"x_generator":{"engine":"cvelib 1.8.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-05-06T14:27:00.488000Z","id":"CVE-2026-34002","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-05-06T14:27:54.934Z"}}]}}