THREATOPS
THREAT OPSThreat News › [NVD] CVE-2026-50261 (HIGH 7.8) — A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to cra

[NVD] CVE-2026-50261 (HIGH 7.8) — A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to cra

lownvdPublished 2026-06-05

CVE-2026-50261 CVSS: 7.8 HIGH Published: 2026-06-05T12:16:39.617

A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or for privilege escalation if the X se

Indicators of compromise

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-50261