CVE-2026-34003
7.8 HIGHA flaw was found in the X.Org X server's XKB key types request validation
Published: 2026-04-23 · Last updated: 2026-06-08
Severity and scoring
- CVSS
- 7.8 HIGH
- Vector
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- CWE
- CWE-125
Description
A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could send a specially crafted request to the X server, leading to an out-of-bounds memory access vulnerability. This could result in the disclosure of sensitive information or cause the server to crash, leading to a Denial of Service (DoS). In certain configurations, higher impact outcomes may be possible.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-34003
- [Other]https://access.redhat.com/errata/RHSA-2026:10739
- [Other]https://access.redhat.com/errata/RHSA-2026:11352
- [Other]https://access.redhat.com/errata/RHSA-2026:11369
- [Other]https://access.redhat.com/errata/RHSA-2026:11388
- [Other]https://access.redhat.com/errata/RHSA-2026:11656
- [Other]https://access.redhat.com/errata/RHSA-2026:11692
- [Other]https://access.redhat.com/errata/RHSA-2026:13414
- [Other]https://access.redhat.com/errata/RHSA-2026:19125
- [Other]https://access.redhat.com/errata/RHSA-2026:19342
- [Other]https://access.redhat.com/errata/RHSA-2026:19343
- [Other]https://access.redhat.com/errata/RHSA-2026:19344
- [Other]https://access.redhat.com/errata/RHSA-2026:20547
- [Other]https://access.redhat.com/errata/RHSA-2026:20555
- [Other]https://access.redhat.com/errata/RHSA-2026:20557
- [Other]https://access.redhat.com/errata/RHSA-2026:20558
- [Other]https://access.redhat.com/errata/RHSA-2026:20560
- [Other]https://access.redhat.com/errata/RHSA-2026:20561
- [Other]https://access.redhat.com/errata/RHSA-2026:20562
- [Other]https://access.redhat.com/errata/RHSA-2026:20563
- [Other]https://access.redhat.com/errata/RHSA-2026:20575
- [Other]https://access.redhat.com/errata/RHSA-2026:20576
- [Other]https://access.redhat.com/errata/RHSA-2026:20590
- [Other]https://access.redhat.com/errata/RHSA-2026:21699
- [Other]https://access.redhat.com/errata/RHSA-2026:21712
- [Other]https://access.redhat.com/errata/RHSA-2026:21715
- [Other]https://access.redhat.com/errata/RHSA-2026:21716
- [Other]https://access.redhat.com/errata/RHSA-2026:21718
- [Other]https://access.redhat.com/errata/RHSA-2026:21741
- [Other]https://access.redhat.com/errata/RHSA-2026:21742
- [Other]https://access.redhat.com/errata/RHSA-2026:22424
- [Other]https://access.redhat.com/errata/RHSA-2026:22456
- [Other]https://access.redhat.com/errata/RHSA-2026:23254
- [Other]https://access.redhat.com/errata/RHSA-2026:23255
- [Other]https://access.redhat.com/errata/RHSA-2026:23496
- [Other]https://access.redhat.com/errata/RHSA-2026:24341
- [Other]https://access.redhat.com/security/cve/CVE-2026-34003
- [Other]https://bugzilla.redhat.com/show_bug.cgi?id=2451113
Related CVEs
Same CWE
- CVE-2026-4367 — A flaw was found in libXpm (5.5 MEDIUM)
- CVE-2026-47963 — DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive me... (5.5 MEDIUM)
- CVE-2026-47934 — DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive me... (5.5 MEDIUM)
- CVE-2026-47927 — DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive me... (5.5 MEDIUM)
- CVE-2026-47748 — stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inf... (5.5 MEDIUM)