CVE-2026-33999
HIGH EPSS 29.9%
Published Apr 23, 20262mo ago · Modified Jun 17, 20261w ago
7.8 CVSS 3.1
Published Apr 23, 2026 2mo ago
Last Modified Jun 17, 2026 1w ago
Description
A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of service (DoS) or other severe impacts.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High
Threat Intelligence
EPSS Exploit Probability
29.9% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-191
References 37
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:10739
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:11352
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:11369
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:11388
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:11656
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:11692
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:13414
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:19125
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:19342
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:19343
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:19344
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:20547
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:20555
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:20557
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:20558
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:20560
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:20561
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:20562
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:20563
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:20575
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:20576
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:20590
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:21699
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:21712
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:21715
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:21716
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:21718
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:21741
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:21742
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:22424
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:22456
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:23254
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:23255
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:23496
- access.redhat.com https://access.redhat.com/errata/RHSA-2026:24341
- access.redhat.com https://access.redhat.com/security/cve/CVE-2026-33999
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=2451106
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.