CVE-2026-50292

In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution...

CVE-2026-50292

The CVE affects libinput before 1.30.4 and 1.31.x before 1.31.3, where libinput-device-group’s unescaped phys output can inject udev properties, potentially enabling arbitrary root code execution. Affected component: libinput (desktop/input stack). Underlying cause: unescaped phys output in libin...

CVE-2026-50292

In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution...

EUVD-2026-34302

In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution...

CVE-2026-50292

In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution...

CVE-2026-50292

In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution...

PT-2026-46310

Name of the Vulnerable Software and Affected Versions libinput versions prior to 1.30.4 libinput versions 1.31.x prior to 1.31.3 Description An issue exists in libinput-device-group where unescaped phys output allows for the injection of udev properties. This can lead to arbitrary root code...

PT-2026-48584

Уязвимость интерфейса libinput-device-group библиотеки libinput реализации протоколов серверов отображения X.Org и Wayland связана с неверным управлением генерацией кода. Эксплуатация уязвимости может позволить нарушителю повысить свои привилегии до уровня root и выполнить произвольный код...

Astra Linux - уязвимость в libinput

A format string vulnerability was detected in libinput...

Fedora 44 : libinput (2026-56fa441129)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-56fa441129 advisory. libinput 1.31.1, fixes Lua plugin sandbox escape CVE-2026-35093, CVE-2026-35094 Tenable has extracted the preceding description block directly from...

CLSA-2026-1776957467 libinput: Fix of CVE-2022-1215

CVE-2022-1215: strip format directives from device name...

[SECURITY] Fedora 44 Update: libinput-1.31.1-1.fc44

libinput is a library that handles input devices for display servers and other applications that need to directly deal with input devices. It provides device detection, device handling, input device event processing and abstraction so minimize the amount of custom input code the user of libinput...

Fedora: Security Advisory (FEDORA-2026-5aafda8cd8)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 43 Update: libinput-1.30.3-1.fc43

libinput is a library that handles input devices for display servers and other applications that need to directly deal with input devices. It provides device detection, device handling, input device event processing and abstraction so minimize the amount of custom input code the user of libinput...

libinput-devel-1.31.1-1.1 on GA media (moderate)

libinput-devel-1.31.1-1.1 on GA media Announcement ID: openSUSE-SU-2026:10489-1 Rating: moderate Cross-References: CVE-2026-35093 CVE-2026-35094 CVSS scores: CVE-2026-35093 SUSE : 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVE-2026-35093 SUSE : 6.3...

Fedora 43 : libinput (2026-5aafda8cd8)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-5aafda8cd8 advisory. libinput 1.30.3, fixes Lua plugin sandbox escape CVE-2026-35093,CVE-2026-35094 Tenable has extracted the preceding description block directly from t...

OPENSUSE-SU-2026:10489-1 libinput-devel-1.31.1-1.1 on GA media

These are all security issues fixed in the libinput-devel-1.31.1-1.1 package on the GA media of openSUSE Tumbleweed...

SUSE CVE-2026-35093

A flaw was found in libinput. A local attacker who can place a specially crafted Lua bytecode file in certain system or user configuration directories can bypass security restrictions. This allows the attacker to run unauthorized code with the same permissions as the program using libinput, such ...

SUSE CVE-2026-35094

A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collection cleanup function is called, leaving a pointer that can then be printed to system logs. This could...

Linux Distros Unpatched Vulnerability : CVE-2026-35093

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libinput. A local attacker who can place a specially crafted Lua bytecode file in certain system or user configuration directories can bypas...