CVE-2026-8631
published 2026-05-20CVE-2026-8631: A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of…
PriorityP262critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.33%
67.6th percentile
A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via an integer overflow in the hpcups processing path when handling crafted print data.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | hplip | — | — |
| hp | linux_imaging_and_printing | < 3.26.4 | 3.26.4 |
| hp_inc | hp_linux_imaging_and_printing_software | < 3.26.4 | 3.26.4 |
Detection & IOCsextracted from sources · hover to see the quote
- →The vulnerability is triggered via specially crafted print data processed by the hpcups component of HPLIP; monitor for anomalous or malformed print jobs submitted to HPLIP/hpcups on Linux systems ↗
- →Exploitation can occur remotely without user interaction via the print data processing path; monitor for unexpected privilege escalation or code execution originating from the hpcups process ↗
- →Focus detection on the hpcups processing path within HP Linux Imaging and Printing Software (HPLIP); alert on integer overflow conditions or crashes in hpcups that may indicate exploitation attempts ↗
- ·Affected package (hplip) status across all major Red Hat Enterprise Linux versions (6, 7, 8, 9, 10) is listed as 'Under investigation'; patch availability and confirmed affected version ranges are not yet established ↗
- ·Red Hat classifies this as an 'Important' flaw, indicating high severity; organizations with HPLIP installed should treat this as a priority pending patch availability ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv4.09.3CRITICALCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vendor_redhat9.3CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-hcc9-h975-pvc2: A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software
ghsa_unreviewed·2026-05-20
CVE-2026-8631 [CRITICAL] CWE-122 GHSA-hcc9-h975-pvc2: A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software
A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via an integer overflow in the hpcups processing path when handling crafted print data.
VulDB
HP Linux Imaging and Printing Software up to 3.26.3 heap-based overflow
vuldb·2026-05-20·CVSS 9.3
CVE-2026-8631 [CRITICAL] HP Linux Imaging and Printing Software up to 3.26.3 heap-based overflow
A vulnerability identified as critical has been detected in HP Linux Imaging and Printing Software up to 3.26.3. This vulnerability affects unknown code. The manipulation leads to heap-based buffer overflow.
This vulnerability is documented as CVE-2026-8631. The attack can be initiated remotely. There is not any exploit available.
You should upgrade the affected component.
Red Hat
HPLIP: HPLIP: Arbitrary code execution and privilege escalation via integer overflow in hpcups
vendor_redhat·2026-05-20·CVSS 9.3
CVE-2026-8631 [CRITICAL] CWE-190 HPLIP: HPLIP: Arbitrary code execution and privilege escalation via integer overflow in hpcups
HPLIP: HPLIP: Arbitrary code execution and privilege escalation via integer overflow in hpcups
A flaw was found in HP Linux Imaging and Printing Software (HPLIP). This vulnerability, caused by an integer overflow in the hpcups processing path, occurs when the software handles specially crafted print data. A successful exploit could lead to arbitrary code execution or escalation of privileges on the affected system.
Statement: This Important flaw in HPLIP's hpcups component allows for arbitrary code execution and privilege escalation. The vulnerability can be triggered remotely without user interaction by processing specially crafted print data, posing a significant risk to systems with HPLIP installed.
Package: hplip (Red Hat Enterprise Linux 10) - Under investigation
Package: hplip (R
No detection rules found.
No public exploits indexed.
Hackernews
ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories
blogs_hackernews·2026-05-21
CVE-2026-45793 ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories
Home
Threat Intelligence
Vulnerabilities
Cyber Attacks
Webinars
Expert Insights
Awards
Webinars
Awards
Free eBooks
About THN
Jobs
Advertise with us
## ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories
This week starts small.
A token leaks. A bad package slips in. A login trick works. An old tool shows up again. At first, it feels like the usual mess. Then you see the pattern: attackers are not always breaking in. They are using the parts we already trust.
That is what makes it worrying. The danger is in normal things now - updates, apps, cloud buttons, support chats, trusted accounts. AI does not make the attacks magic. It just helps people try more things, faster.
Here's what showed up this week.
The Pwn2Own Berlin 2026 hack
Bugzilla
CVE-2026-8631 hplip: HPLIP: Arbitrary code execution and privilege escalation via integer overflow in hpcups [fedora-all]
bugzilla·2026-05-26·CVSS 9.3
CVE-2026-8631 [CRITICAL] CVE-2026-8631 hplip: HPLIP: Arbitrary code execution and privilege escalation via integer overflow in hpcups [fedora-all]
CVE-2026-8631 hplip: HPLIP: Arbitrary code execution and privilege escalation via integer overflow in hpcups [fedora-all]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
Bugzilla
CVE-2026-8631 HPLIP: HPLIP: Arbitrary code execution and privilege escalation via integer overflow in hpcups
bugzilla·2026-05-20·CVSS 9.3
CVE-2026-8631 [CRITICAL] CVE-2026-8631 HPLIP: HPLIP: Arbitrary code execution and privilege escalation via integer overflow in hpcups
CVE-2026-8631 HPLIP: HPLIP: Arbitrary code execution and privilege escalation via integer overflow in hpcups
A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via an integer overflow in the hpcups processing path when handling crafted print data.
https://support.hp.com/us-en/document/ish_14942099-14942126-16/hpsbpi04118https://access.redhat.com/errata/RHSA-2026:26228https://access.redhat.com/errata/RHSA-2026:26297https://access.redhat.com/errata/RHSA-2026:26335https://access.redhat.com/security/cve/CVE-2026-8631https://bugzilla.redhat.com/show_bug.cgi?id=2480300https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-8631.json
2026-05-20
Published