THREAT OPS › Threat News › [NVD] CVE-2026-50261 (HIGH 7.8) — A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to cra
[NVD] CVE-2026-50261 (HIGH 7.8) — A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to cra
CVE-2026-50261 CVSS: 7.8 HIGH Published: 2026-06-05T12:16:39.617
A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or for privilege escalation if the X se
Indicators of compromise
- CVE-2026-50261cve
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-50261