CVE-2026-8632
published 2026-05-20CVE-2026-8632: A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of…
PriorityP350high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.88%
54.6th percentile
A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via operating system command injection.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | hplip | — | — |
| hp | linux_imaging_and_printing | < 3.26.4 | 3.26.4 |
| hp_inc | hp_linux_imaging_and_printing_software | < 3.26.4 | 3.26.4 |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv4.08.5HIGHCVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vendor_redhat8.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-w45w-c9pr-p65f: A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software
ghsa_unreviewed·2026-05-20
CVE-2026-8632 [HIGH] CWE-77 GHSA-w45w-c9pr-p65f: A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software
A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via operating system command injection.
VulDB
HP Linux Imaging and Printing Software up to 3.26.3 command injection (EUVD-2026-31194)
vuldb·2026-05-20·CVSS 8.5
CVE-2026-8632 [HIGH] HP Linux Imaging and Printing Software up to 3.26.3 command injection (EUVD-2026-31194)
A vulnerability was found in HP Linux Imaging and Printing Software up to 3.26.3. It has been declared as critical. Affected by this vulnerability is an unknown functionality. Such manipulation leads to command injection.
This vulnerability is listed as CVE-2026-8632. The attack must be carried out locally. There is no available exploit.
It is recommended to upgrade the affected component.
Red Hat
HPLIP: HPLIP: Privilege escalation and arbitrary code execution via operating system command injection
vendor_redhat·2026-05-20·CVSS 8.5
CVE-2026-8632 [HIGH] CWE-78 HPLIP: HPLIP: Privilege escalation and arbitrary code execution via operating system command injection
HPLIP: HPLIP: Privilege escalation and arbitrary code execution via operating system command injection
A flaw was found in the HP Linux Imaging and Printing Software (HPLIP). This vulnerability may allow a local attacker to achieve escalation of privileges and/or arbitrary code execution through operating system command injection. This could lead to an attacker gaining unauthorized control over the affected system.
Package: hplip (Red Hat Enterprise Linux 10) - Affected
Package: hplip (Red Hat Enterprise Linux 6) - Affected
Package: hplip (Red Hat Enterprise Linux 7) - Affected
Package: hplip (Red Hat Enterprise Linux 8) - Affected
Package: hplip (Red Hat Enterprise Linux 9) - Affected
No detection rules found.
No public exploits indexed.
https://support.hp.com/us-en/document/ish_14942099-14942126-16/hpsbpi04118https://access.redhat.com/errata/RHSA-2026:26228https://access.redhat.com/errata/RHSA-2026:26297https://access.redhat.com/errata/RHSA-2026:26335https://access.redhat.com/security/cve/CVE-2026-8632https://bugzilla.redhat.com/show_bug.cgi?id=2480297https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-8632.json
2026-05-20
Published