logo

Critical RCE Vulnerabilities in Fedora libXfont2 Affecting Multiple CVEs

ID: 26eb5c5a-d2bf-57d9-8793-dae138e8caed

STIX ID: report--26eb5c5a-d2bf-57d9-8793-dae138e8caed

Feed Name: ThreatCluster

Threat Score
70/100

Date Published: 2026-07-12

Date Updated: 2026-07-13

...
...

On July 8, 2026 three critical CVEs (CVE-2026-56001, CVE-2026-56002, CVE-2026-56003) were disclosed in libXfont2 allowing remote code execution on Fedora 43 and 44. The maintainer confirmed the issues and users are advised to upgrade to libXfont2 version 2.0.8 (patches available) using the dnf package manager; administrators should apply updates urgently to mitigate risk.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.