Critical RCE Vulnerabilities in Fedora libXfont2 Affecting Multiple CVEs
ID: 26eb5c5a-d2bf-57d9-8793-dae138e8caed
STIX ID: report--26eb5c5a-d2bf-57d9-8793-dae138e8caed
Feed Name: ThreatCluster
Threat Score
On July 8, 2026 three critical CVEs (CVE-2026-56001, CVE-2026-56002, CVE-2026-56003) were disclosed in libXfont2 allowing remote code execution on Fedora 43 and 44. The maintainer confirmed the issues and users are advised to upgrade to libXfont2 version 2.0.8 (patches available) using the dnf package manager; administrators should apply updates urgently to mitigate risk.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
