Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.

Threats Tagged 'cve-2025-26594'

View all threats tagged with 'cve-2025-26594'. Filter and sort to focus on specific types of threats.

Pro Console Lifetime

Stop chasing alerts. Route them.

Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.

Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)

View Plans & Pricing

API access activates after upgrading in Console -> Billing.

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now

Filter Threats

Narrow down the results by type, severity, or affected countries

Search threats by title, CVE ID, or description. Maximum 100 characters.
Active filters (1):Tag: cve-2025-26594

Threats Tagged 'cve-2025-26594'

Click on any threat for detailed analysis and mitigation recommendations

CVE-2025-26594: Use After FreeCVE-2025-26594
0

A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free.

Join the discussion
Red Hat Security Advisory: xorg-x11-server security updateCVE-2025-26594
0

Multiple security vulnerabilities have been identified in the xorg-x11-server component of Red Hat Enterprise Linux 7 Extended Lifecycle Support. These include use-after-free, buffer overflow, heap overflow, out-of-bounds write, and use of uninitialized pointer issues within the Xwayland implementation of X.Org. The vulnerabilities are rated with high severity by Red Hat Product Security. A security update addressing these issues has been released for affected Red Hat Enterprise Linux 7 Extended Lifecycle Support variants.

Join the discussion
Red Hat Security Advisory: tigervnc security updateCVE-2025-26594
0

Multiple security vulnerabilities have been identified in the X.Org Xwayland component used by TigerVNC, a remote display system. These include use-after-free, buffer overflow, heap overflow, out-of-bounds write, and use of uninitialized pointer issues. The vulnerabilities affect Red Hat Enterprise Linux Server 6 and its Extended Life Cycle Support Extension. Red Hat has issued a security advisory with updates to address these issues.

Join the discussion
Red Hat Security Advisory: xorg-x11-server security updateCVE-2024-9632
0

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix(es): * xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability (CVE-2024-9632) * X.Org: Xwayland: Use-after-free of the root cursor (CVE-2025-26594) * xorg: xwayland: Use-after-free in SyncInitTrigger() (CVE-2025-26601) * xorg: xwayland: Use-after-free in PlayReleasedEvents() (CVE-2025-26600) * xorg: xwayland: Use of uninitialized pointer in compRedirectWindow() (CVE-2025-26599) * xorg: xwayland: Out-of-bounds write in CreatePointerBarrierClient() (CVE-2025-26598) * xorg: xwayland: Buffer overflow in XkbChangeTypesOfKey() (CVE-2025-26597) * xorg: xwayland: Heap overflow in XkbWriteKeySyms() (CVE-2025-26596) * Xorg: xwayland: Buffer overflow in XkbVModMaskText() (CVE-2025-26595) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes linked from the References section.

Join the discussion
Red Hat Security Advisory: xorg-x11-server-Xwayland security updateCVE-2024-9632
0

Xwayland is an X server for running X clients under Wayland. Security Fix(es): * xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability (CVE-2024-9632) * X.Org: Xwayland: Use-after-free of the root cursor (CVE-2025-26594) * xorg: xwayland: Use-after-free in SyncInitTrigger() (CVE-2025-26601) * xorg: xwayland: Use-after-free in PlayReleasedEvents() (CVE-2025-26600) * xorg: xwayland: Use of uninitialized pointer in compRedirectWindow() (CVE-2025-26599) * xorg: xwayland: Out-of-bounds write in CreatePointerBarrierClient() (CVE-2025-26598) * xorg: xwayland: Buffer overflow in XkbChangeTypesOfKey() (CVE-2025-26597) * xorg: xwayland: Heap overflow in XkbWriteKeySyms() (CVE-2025-26596) * Xorg: xwayland: Buffer overflow in XkbVModMaskText() (CVE-2025-26595) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes linked from the References section.

Join the discussion
Red Hat Security Advisory: xorg-x11-server-Xwayland security updateCVE-2024-9632
0

Xwayland is an X server for running X clients under Wayland. Security Fix(es): * xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability (CVE-2024-9632) * X.Org: Xwayland: Use-after-free of the root cursor (CVE-2025-26594) * xorg: xwayland: Use-after-free in SyncInitTrigger() (CVE-2025-26601) * xorg: xwayland: Use-after-free in PlayReleasedEvents() (CVE-2025-26600) * xorg: xwayland: Use of uninitialized pointer in compRedirectWindow() (CVE-2025-26599) * xorg: xwayland: Out-of-bounds write in CreatePointerBarrierClient() (CVE-2025-26598) * xorg: xwayland: Buffer overflow in XkbChangeTypesOfKey() (CVE-2025-26597) * xorg: xwayland: Heap overflow in XkbWriteKeySyms() (CVE-2025-26596) * Xorg: xwayland: Buffer overflow in XkbVModMaskText() (CVE-2025-26595) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Join the discussion

Showing 1 to 6 of 6 results

Filters:Tag: cve-2025-26594
Page 1 of 1
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses