Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : CUPS vulnerabilities (USN-8405-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8405-1 advisory. Ariel Silver discovered that CUPS incorrectly handled username comparisons during authorization checks. A local attacker...

EulerOS 2.0 SP11 : cups (EulerOS-SA-2026-2237)

According to the versions of the cups packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, there is a...

Astra Linux - уязвимость в cups

Due to a failure in validating the length provided by a PPD PostScript document crafted by an attacker, CUPS and libppd are vulnerable to a heap-based buffer overflow, potentially leading to code execution. This issue has been fixed in CUPS version 2.4.7, released in September 2023...

Astra Linux - уязвимость в cups

An authentication issue has been resolved through improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, and macOS Ventura 13.4. Unauthenticated users may be able to access recently printed documents...

Astra Linux – Vulnerability in cups

A logic issue has been resolved through improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, and macOS Big Sur 11.6.5. It is possible that an application may gain elevated privileges as a result of this fix...

Astra Linux - уязвимость в cups

OpenPrinting CUPS is a standards-based, open-source printing system for Linux and other Unix-like operating systems. Starting from version 2.0.0 and before version 2.4.6, CUPS logged data from free memory to the logging service after the connection was closed. This should have happened just befor...

Astra Linux – Vulnerability in cups

OpenPrinting CUPS is an open-source printing system. In versions 2.4.2 and earlier, a heap buffer overflow vulnerability existed, which allowed a remote attacker to launch a Denial-of-Service DoS attack. This vulnerability was present in the formatlogline function. Exploitation of this...

CVE-2026-41079

A flaw was found in CUPS. A network-adjacent attacker can send a specially crafted Simple Network Management Protocol SNMP response to the CUPS SNMP backend, leading to an out-of-bounds read. This vulnerability allows for the disclosure of up to 176 bytes of sensitive memory, which is then...

CLSA-2026-1777392623 cups: Fix of CVE-2026-34980

CVE-2026-34980: filter control characters from IPP option values and allowlist PPD keywords returned by filters so a remote attacker cannot inject cupsFilter/cupsFilter2 entries on a shared PostScript queue and gain code execution as the cupsd user...

CVE-2026-41079

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to 2.4.17, a network-adjacent attacker can send a crafted SNMP response to the CUPS SNMP backend that causes an out-of-bounds read of up to 176 bytes past a stack buffer. The leaked memory i...

CVE-2026-34979 affecting package cups for versions less than 2.4.17-1

CVE-2026-34979 affecting package cups for versions less than 2.4.17-1. An upgraded version of the package is available that resolves this issue...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: cups (UTSA-2026-010663)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010663 advisory. OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local unprivileged user can coer...

Security Bulletin: Vulnerabilities in cups affects IBM Netezza Appliance

Summary The cups package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-58436, CVE-2025-61915 Vulnerability Details CVEID:CVE-2025-58436 DESCRIPTION: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: cups (UTSA-2026-007170)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007170 advisory. OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, in a network-exposed cupsd with a...

CVE-2026-39316

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a use-after-free vulnerability exists in the CUPS scheduler cupsd when temporary printers are automatically deleted. cupsdDeleteTemporaryPrinters in...

CVE-2026-39316

OpenPrinting CUPS contains a use-after-free in the cupsd scheduler when deleting temporary printers. In cupsdDeleteTemporaryPrinters(), cupsdDeletePrinter() is called without expiring subscriptions that reference the printer, leaving cupsd_subscription_t.dest as a dangling pointer to freed memor...

CVE-2026-39316 CUPS has a use-after-free in `cupsdDeleteTemporaryPrinters` via dangling subscription pointer

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a use-after-free vulnerability exists in the CUPS scheduler cupsd when temporary printers are automatically deleted. cupsdDeleteTemporaryPrinters in...

EUVD-2026-19805

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, an integer underflow vulnerability in ppdCreateFromIPP cups/ppd-cache.c allows any unprivileged local user to crash the cupsd root process by supplying a negative...

CVE-2026-39314

OpenPrinting CUPS (CVE-2026-39314) is vulnerable in versions 2.4.16 and prior. The root cause is an integer underflow in _ppdCreateFromIPP (cups/ppd-cache.c): a negative job-password-supported IPP attribute passes bounds checks, is cast to size_t, and is used as a length in memset() on a 33-byte ...

PT-2026-30924

Name of the Vulnerable Software and Affected Versions OpenPrinting CUPS versions 2.4.16 and prior Description OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. An integer underflow in the ppdCreateFromIPP function cups/ppd-cache.c allows a local...