CRITICALVulnerability
Verified
Global

NVD CRITICAL: CVE-2026-50292 — In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unesca...

·Source: NIST NVD

Updated:

Executive Summary

In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution

Analysis

In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution CVSS Score: 7.4. Published: 2026-06-04T18:16:32.530.

Indicators of Compromise (1)

CVE (1)
CVE-2026-50292
NVDMITRE CVE
Source Attribution

Originally published by NIST NVD on Jun 4, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerability

Canada's Koho hits unicorn status and targets banking license

Canadian fintech Koho has raised C$130 million at a C$1.33 billion valuation, providing it with the initial capital base it needs in its pursuit of a federal banking license.

Finextra
MEDIUMVulnerability

Digital Asset raises $355m to make Canton the onchain infrastructure for capital markets

A host of financial services giants, including BNP Paribas, Coinbase and HSBC, have joined a $355 million funding round for Digital Asset, the firm behind the Canton Network public, permissionless blockchain purpose-built for institutional finance.

Finextra
MEDIUMVulnerability

Japanese energy firm loses drive with data of 10.9 million clients

Kyushu Electric Power Co., Inc. has disclosed a physical security incident that affects private data of more than 10 million customers. [...]

BleepingComputer