A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or for privilege escalation if the X server runs as root.
A use-after-free flaw
Exploit
CVE-2026-50261
NVD
Refer to CVE-2026-50261 NVD advisory