Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

530 matches found

AstraLinux
AstraLinuxadded 5 days ago1 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: can: etases58x: fixed the potential NULL pointer dereferencing on udev-serial. The driver assumed that es58xdev-udev-serial could never be NULL. While this is true for commercially available devices, an attacker could spoof the...

5.5CVSS6.1AI score0.00201EPSS
Exploits0References2
OSV
OSVadded 2026/06/15 3:56 p.m.6 views

MGASA-2026-0208 Updated libinput packages fix security vulnerability

In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution...

9.8CVSS5.5AI score0.00498EPSS
Exploits0References4
OSV
OSVadded 2026/06/12 12:25 p.m.5 views

OESA-2026-2628 libinput security update

libinput is a library to handle input devices in Wayland compositors and to provide a generic X.Org input driver.It provides device detection, device handling, input device event processing and abstraction so minimize the amount of custom input code compositors need to provide the common set of...

9.8CVSS5.6AI score0.00498EPSS
Exploits0References2
Debian
Debianadded 2026/06/11 5:46 a.m.6 views

[SECURITY] [DSA 6339-1] libinput security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6339-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 11, 2026 https://www.debian.org/security/faq -...

9.8CVSS5.3AI score0.00498EPSS
Exploits0
SUSE CVE
SUSE CVEadded 2026/06/09 2:20 a.m.5 views

SUSE CVE-2026-50292

In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution...

9.8CVSS6.1AI score0.00498EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2026/06/06 12:0 a.m.11 views

Fedora 44 : libinput (2026-5e2446b30f)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-5e2446b30f advisory. libinput 1.31.3, fixes a udev property inject via uinput devices that can lead to local privilege escalation Tenable has extracted the preceding description...

5.6AI score
Exploits0References1
NVD
NVDadded 2026/06/05 11:16 a.m.14 views

CVE-2026-50265

Rejected reason: This CVE ID was assigned as a duplicate of CVE-2026-50292...

0.00019EPSS
Exploits0
OSV
OSVadded 2026/06/05 11:16 a.m.6 views

UBUNTU-CVE-2026-50265

Rejected reason: This CVE ID was assigned as a duplicate of CVE-2026-50292...

7CVSS5.2AI score0.00019EPSS
Exploits0References6
CVE
CVEadded 2026/06/05 9:49 a.m.22 views

CVE-2026-50265

CVE-2026-50265 describes a local privilege escalation in libinput. A local attacker with access to /dev/uinput can inject arbitrary udev properties via the libinput-device-group helper, which can lead to root code execution (e.g., through REMOVE_CMD properties executed when a device is removed). ...

5.7AI score0.00019EPSS
Exploits0
Cvelist
Cvelistadded 2026/06/05 9:49 a.m.40 views

CVE-2026-50265

...

0.00019EPSS
Exploits0
ATTACKERKB
ATTACKERKBadded 2026/06/05 9:49 a.m.6 views

CVE-2026-50265

This CVE ID was assigned as a duplicate of CVE-2026-50292...

9.8CVSS5.4AI score0.00498EPSS
Exploits0References4
EUVD
EUVDadded 2026/06/05 9:49 a.m.8 views

EUVD-2026-34795

A flaw was found in libinput. A local attacker with access to /dev/uinput can inject arbitrary udev properties through the libinput-device-group helper. This injection can lead to root code execution, for example, by exploiting REMOVECMD properties that are executed when a device is removed. This...

7CVSS5.7AI score0.00019EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/06/05 9:49 a.m.9 views

CVE-2026-50265

...

5.4AI score0.00019EPSS
Exploits0
RedhatCVE
RedhatCVEadded 2026/06/05 9:49 a.m.9 views

CVE-2026-50265

A flaw was found in libinput. A local attacker with access to /dev/uinput can inject arbitrary udev properties through the libinput-device-group helper. This injection can lead to root code execution, for example, by exploiting REMOVECMD properties that are executed when a device is removed. This...

5.7AI score0.00019EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2026/06/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-50265

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libinput. A local attacker with access to /dev/uinput can inject arbitrary udev properties through the libinput-device-group helper. This...

5.8AI score0.00019EPSS
Exploits0References2
CNNVD
CNNVDadded 2026/06/05 12:0 a.m.6 views

libinput 安全漏洞

libinput is an open-source library from freedesktop. It provides a complete input stack for applications that need to handle input devices provided by the kernel. There is a security vulnerability in libinput, which stems from the ability to inject arbitrary udev properties through the...

5.7AI score0.00019EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/06/05 12:0 a.m.14 views

PT-2026-46929

Name of the Vulnerable Software and Affected Versions libinput affected versions not specified Description A flaw in libinput allows a local attacker with access to '/dev/uinput' to inject arbitrary udev properties via the libinput-device-group helper. This injection can lead to root code...

7CVSS5.7AI score0.00019EPSS
Exploits0References7
Slackware Linux
Slackware Linuxadded 2026/06/04 9:56 p.m.9 views

[slackware-security] libinput

New libinput packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libinput-1.31.3-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: libinput-device-group unescaped phys output can...

6AI score
Exploits0
ATTACKERKB
ATTACKERKBadded 2026/06/04 4:41 p.m.6 views

CVE-2026-50292

In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution...

7.4CVSS6.3AI score0.00498EPSS
Exploits0References4Affected Software1
CVE
CVEadded 2026/06/04 4:41 p.m.22 views

CVE-2026-50292

The CVE affects libinput before 1.30.4 and 1.31.x before 1.31.3, where libinput-device-group’s unescaped phys output can inject udev properties, potentially enabling arbitrary root code execution. Affected component: libinput (desktop/input stack). Underlying cause: unescaped phys output in libin...

9.8CVSS6.3AI score0.00498EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder