Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Mon, 08 Jun 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Libinput: local privilege escalation via crafted uinput devices | libinput: local privilege escalation via crafted uinput devices |
| References |
|
|
| Metrics |
ssvc
|
Mon, 08 Jun 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A flaw was found in libinput. A local attacker with access to /dev/uinput can inject arbitrary udev properties through the libinput-device-group helper. This injection can lead to root code execution, for example, by exploiting REMOVE_CMD properties that are executed when a device is removed. This vulnerability allows an attacker to gain elevated privileges on the system. | This CVE ID was assigned as a duplicate of CVE-2026-50292 |
| CPEs | cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9 |
Fri, 05 Jun 2026 12:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Fri, 05 Jun 2026 12:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
| |
| Metrics |
threat_severity
|
threat_severity
|
Fri, 05 Jun 2026 11:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Fri, 05 Jun 2026 10:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A flaw was found in libinput. A local attacker with access to /dev/uinput can inject arbitrary udev properties through the libinput-device-group helper. This injection can lead to root code execution, for example, by exploiting REMOVE_CMD properties that are executed when a device is removed. This vulnerability allows an attacker to gain elevated privileges on the system. | |
| Title | Libinput: local privilege escalation via crafted uinput devices | |
| First Time appeared |
Redhat
Redhat enterprise Linux |
|
| Weaknesses | CWE-78 | |
| CPEs | cpe:/o:redhat:enterprise_linux:10 cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9 |
|
| Vendors & Products |
Redhat
Redhat enterprise Linux |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: REJECTED
Assigner: redhat
Published:
Updated: 2026-06-08T14:02:09.197Z
Reserved: 2026-06-04T14:55:24.012Z
Link: CVE-2026-50265
Updated:
Status : Rejected
Published: 2026-06-05T11:16:36.853
Modified: 2026-06-08T15:16:48.550
Link: CVE-2026-50265
OpenCVE Enrichment
Updated: 2026-06-07T11:18:13Z