🔐 CVE Alert

CVE-2026-56000

UNKNOWN 0.0

xorg-x11-server / xwayland GLX contextTags Use-After-Free in CommonMakeCurrent()

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent() pointing into potentially reallocated memory.

CWE CWE-416
Vendor x.org
Product xorg-x11-server
Published Jul 8, 2026
Last Updated Jul 8, 2026
Stay Ahead of the Next One

Get instant alerts for x.org xorg-x11-server

Be the first to know when new unknown vulnerabilities affecting x.org xorg-x11-server are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

X.Org / xorg-x11-server
0 < 21.1.24
X.Org / xwayland
0 < 24.1.13

References

NVD ↗ CVE.org ↗ EPSS Data ↗
gitlab.freedesktop.org: https://gitlab.freedesktop.org/xorg/xserver/-/commit/2779affbdb4354e894f490e56f962527d6125043 openwall.com: https://www.openwall.com/lists/oss-security/2026/07/08/2

Credits

Anonymous working with Trend Micro Zero Day Initiative.