Linux Distros Unpatched Vulnerability : CVE-2026-39316

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a use-after-free vulnerabilit...

PT-2026-30925

Name of the Vulnerable Software and Affected Versions OpenPrinting CUPS versions 2.4.16 and prior Description OpenPrinting CUPS is a printing system for Linux and Unix-like systems. A use-after-free issue exists in the CUPS scheduler cupsd when temporary printers are automatically removed. The...

CVE-2026-27447

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, CUPS daemon cupsd contains an authorization bypass vulnerability due to case-insensitive username comparison during authorization checks. The vulnerability allows an...

CVE-2026-27447

OpenPrinting CUPS (cupsd) contains an authorization bypass in versions 2.4.16 and earlier due to case-insensitive username comparison during authorization checks. This allows an unprivileged user to access restricted operations by using a username that differs only in case from an authorized user...

CLSA-2026-1769597819 Fix CVE(s): CVE-2025-58436

SECURITY UPDATE: cupsd DoS via slow client connections - debian/patches/CVE-2025-58436.patch: implement non-blocking I/O and connection timeouts to prevent slow clients from blocking cupsd. - CVE-2025-58436...

MiracleLinux 9 : cups-2.3.3op2-21.el9 (AXSA:2023-6748:11)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6748:11 advisory. cups: heap buffer overflow may lead to DoS CVE-2023-32324 cups: use-after-free in cupsdAcceptClient in scheduler/client.c CVE-2023-34241 Tenable has...

CLSA-2026-1768300368 Fix CVE(s): CVE-2025-58436

SECURITY UPDATE: fix DoS by a client that connect to cupsd sends slow messages. - debian/patches/CVE-2025-58436.patch: fix unresponsive cupsd process caused by a slow client. - CVE-2025-58436. Fix test/run-stp-tests.sh - debian/patches/waiting-limit.patch: limit the waiting for a server dunring...

cups: Slow client communication leads to a possible DoS attack

A flaw was found in cups. A client that connects to cupsd but sends slow messages, e.g. only one byte per second, delays cupsd as a whole, such that it becomes unusable by other clients...

CVE-2025-58436

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a client that connects to cupsd but sends slow messages, e.g. only one byte per second, delays cupsd as a whole, such that it becomes unusable by other clients. This issue...

[SECURITY] Fedora 40 Update: libcupsfilters-2.1~b1-3.fc40

Libcupsfilters provides a library, which implements common functions used in cups-browsed daemon and printing filters, and additional files as banner templates and character sets. The filters are used in CUPS daemon and in printer applications...

[SECURITY] Fedora 39 Update: libcupsfilters-2.1~b1-3.fc39

Libcupsfilters provides a library, which implements common functions used in cups-browsed daemon and printing filters, and additional files as banner templates and character sets. The filters are used in CUPS daemon and in printer applications...

[SECURITY] Fedora 41 Update: libcupsfilters-2.1~b1-3.fc41

Libcupsfilters provides a library, which implements common functions used in cups-browsed daemon and printing filters, and additional files as banner templates and character sets. The filters are used in CUPS daemon and in printer applications...

cups: Cupsd Listen arbitrary chmod 0140777

A flaw was found in the cupsd server. When starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can perform an arbitrary chmod of the provided argument, providing world-writable access to the target. Since cupsd is often running as root, this...

cups: Cupsd Listen arbitrary chmod 0140777

A flaw was found in the cupsd server. When starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can perform an arbitrary chmod of the provided argument, providing world-writable access to the target. Since cupsd is often running as root, this...

cups: Cupsd Listen arbitrary chmod 0140777

A flaw was found in the cupsd server. When starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can perform an arbitrary chmod of the provided argument, providing world-writable access to the target. Since cupsd is often running as root, this...

DEBIAN-CVE-2023-34241

OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data...

SUSE CVE-2009-0949

The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a scheduler request with two consecutive IPPTAGUNSUPPORTED tags...

SUSE CVE-2009-3553

Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service daemon crash or hang via a client disconnection during listin...

NewStart CGSL CORE 5.05 / MAIN 5.05 : cups Multiple Vulnerabilities (NS-SA-2021-0161)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has cups packages installed that are affected by multiple vulnerabilities: - A localhost.localdomain whitelist entry in validhost in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP...

Denial Of Service (DoS)

The Common UNIX Printing System CUPS is vulnerable to Denial Of Service DoS. A bug was found in the way CUPS handled SSL negotiation. A remote user capable of connecting to the CUPS daemon could cause a denial of service to other CUPS users...