Skip to main content
Echelon
Graph
Product
Directory
Enterprise
Compliance
Pulse
Exposures
AI Analyst
Compare
Docs
Login
Start Free
Pulse
›
Vendor Advisories
›
Microsoft Security Response Center (MSRC)
›
CVE-2026-50292
CVE-2026-50292
High
CVSS
7.4
In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution
Vendor
Microsoft Security Response Center (MSRC)
Published
June 9, 2026
Last Modified
—
🔗 CVE IDs covered (1)
CVE-2026-50292 →