Every CVE whose affected-product data names Xfree86 Project Xfce, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2000-1060 — CVSS 4.6 (medium): The default configuration of XFCE 3.5.1 bypasses the Xauthority access control mechanism with an "xhost + localhost" command in the xinitrc…