How to fix CVE-2026-35093?

Within 24 hours: Inventory all systems running libinput (check via 'pkg-config --modversion libinput' on Linux desktops and servers; review application dependencies). Audit configuration directory permissions on /etc/libinput* and user ~/.config/libinput* to restrict write access to root/trusted users only. Within 7 days: Implement file integrity monitoring on libinput configuration directories and restrict local account creation on systems where possible; document current libinput versions in use. Within 30 days: Monitor vendor advisories for patch availability and plan immediate deployment to all affected systems once released; consider architectural changes to reduce local user access on critical systems.

CVE-2026-35093

EUVD-2026-17907 HIGH

2026-04-01 [email protected]

8.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Apr 01, 2026 - 14:22 vuln.today

EUVD ID Assigned

Apr 01, 2026 - 14:22 euvd

EUVD-2026-17907

CVE Published

Apr 01, 2026 - 14:16 nvd

HIGH 8.8

Description

A flaw was found in libinput. A local attacker who can place a specially crafted Lua bytecode file in certain system or user configuration directories can bypass security restrictions. This allows the attacker to run unauthorized code with the same permissions as the program using libinput, such as a graphical compositor. This could lead to the attacker monitoring keyboard input and sending that information to an external location.

Analysis

Local privilege escalation in libinput allows authenticated users to execute arbitrary code within graphical compositor contexts by placing malicious Lua bytecode in system or user configuration directories. The vulnerability achieves scope change (CVSS:S:C) with high impact across confidentiality, integrity, and availability (8.8 CVSS), enabling attackers to monitor keyboard input including passwords and sensitive data. …

Remediation

Within 24 hours: Inventory all systems running libinput (check via 'pkg-config --modversion libinput' on Linux desktops and servers; review application dependencies). Audit configuration directory permissions on /etc/libinput* and user ~/.config/libinput* to restrict write access to root/trusted users only. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +44

POC: 0

CVE-2026-35093 vulnerability details – vuln.today

Back

CVE-2026-35093

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

CVE-2026-35093

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code