Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
X11 Client Library Allows Malicious Code to Run
OESA-2026-1588
Summary
The X11 client library, used by various applications, contains a flaw that could allow an attacker to execute unauthorized code. This could happen if an attacker can trick the library into processing malicious data. To stay safe, update the library to the latest version.
What to do
- Update libx11 to version 1.7.2-10.oe2203sp4.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | libx11 | <= 1.7.2-10.oe2203sp4 | 1.7.2-10.oe2203sp4 |
Original title
libX11 security update
Original description
Core X11 protocol client library.
Security Fix(es):
A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because the key actions are of the wrong size.(CVE-2025-26597)
Security Fix(es):
A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because the key actions are of the wrong size.(CVE-2025-26597)
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA... Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-26597 Vendor Advisory
Published: 15 Mar 2026 · Updated: 15 Mar 2026 · First seen: 15 Mar 2026