What is GHSA-g562-3mh5-27v6?

GHSA-g562-3mh5-27v6 is a security advisory published by GitHub Security Advisories with High severity. A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the...

Which CVE IDs does GHSA-g562-3mh5-27v6 cover?

GHSA-g562-3mh5-27v6 covers the following CVE IDs: CVE-2026-33999. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-g562-3mh5-27v6?

GHSA-g562-3mh5-27v6 has a CVSS v3 base score of 7.8, published by GitHub Security Advisories.

GHSA-g562-3mh5-27v6HighCVSS 7.8

A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the...

Vendor

GitHub Security Advisories

Published

April 23, 2026

Last Modified

May 20, 2026

🔗 CVE IDs covered (1)

CVE-2026-33999 →

📋 Description

A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of service (DoS) or other severe impacts.

🔗 References (15)

https://nvd.nist.gov/vuln/detail/CVE-2026-33999
https://access.redhat.com/security/cve/CVE-2026-33999
https://bugzilla.redhat.com/show_bug.cgi?id=2451106
https://access.redhat.com/errata/RHSA-2026:10739
https://access.redhat.com/errata/RHSA-2026:11352
https://access.redhat.com/errata/RHSA-2026:11369
https://access.redhat.com/errata/RHSA-2026:11388
https://access.redhat.com/errata/RHSA-2026:11692
https://access.redhat.com/errata/RHSA-2026:11656
https://access.redhat.com/errata/RHSA-2026:13414
https://access.redhat.com/errata/RHSA-2026:19125
https://access.redhat.com/errata/RHSA-2026:19343
https://access.redhat.com/errata/RHSA-2026:19342
https://access.redhat.com/errata/RHSA-2026:19344
https://github.com/advisories/GHSA-g562-3mh5-27v6