Critical HPLIP Vulnerabilities Allow Arbitrary Code Execution

Two vulnerabilities were discovered in the HP Linux Printing and Imaging System (HPLIP), identified as CVE-2026-8631 and CVE-2026-8632. These flaws allow attackers to execute arbitrary code through improper handling of print data and inputs. Affected systems include various versions of HPLIP across Ubuntu distributions. The vulnerabilities were published on May 20, 2026, and pose a significant risk to users who have not updated their systems. A standard system update can mitigate these issues. Ubuntu Pro users benefit from extended security coverage for these packages. Users are advised to update to the latest package versions to ensure their systems are secure.

Key Points: • CVE-2026-8631 and CVE-2026-8632 allow arbitrary code execution in HPLIP. • Affected systems include multiple Ubuntu versions with HPLIP installed. • Users should update their systems to mitigate these vulnerabilities.