Back

Critical RCE and Root Access Vulnerabilities Discovered in CUPS

Severity: High (Score: 71.0)

Sources: Theregister, Heyitsas.Im

Summary

Two vulnerabilities, CVE-2026-34980 and CVE-2026-34990, have been identified in CUPS, the Common Unix Printing System, allowing unauthenticated remote code execution (RCE) and potential root file overwrite. Discovered by Asim Viladi Oglu Manizada and his team, these flaws can be exploited by an attacker with access to a shared PostScript queue on the network. CVE-2026-34980 enables RCE as the lp user, while CVE-2026-34990 allows for privilege escalation to root. Both vulnerabilities affect CUPS version 2.4.16, and while public commits for fixes exist, no official patched version has been released yet. The default configuration of CUPS, which accepts anonymous print-job requests, exacerbates the risk. As of now, there are no confirmed exploitations, but the potential for widespread impact remains significant due to CUPS's extensive use in corporate environments. Security measures like SELinux or AppArmor can mitigate the risks if properly configured. Key Points: • CUPS vulnerabilities CVE-2026-34980 and CVE-2026-34990 allow unauthenticated RCE and root access. • Public commits exist for fixes, but no official patch has been released yet. • The default CUPS configuration increases vulnerability exposure in networked environments.

Key Entities

  • Remote Code Execution (attack_type)
  • CVE-2026-34980 (cve)
  • CVE-2026-34990 (cve)
  • T1059 - Command and Scripting Interpreter (mitre_attack)
  • CUPS (platform)
  • Linux (platform)
  • VIM (platform)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed