Every CVE whose affected-product data names Freedesktop Libinput, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2026-35093 — CVSS 8.8 (high): A flaw was found in libinput. A local attacker who can place a specially crafted Lua bytecode file in certain system or user configuration…
CVE-2026-50292 — CVSS 7.4 (high): In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to…
CVE-2026-35094 — CVSS 3.3 (low): A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling…