CVE-2026-14544

CRITICAL

HPLIP hpcups - Integer Overflow Remote Code Execution

Title source: manual
STIX 2.1

Description

A flaw was found in HPLIP (HP Linux Imaging and Printing Software). This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur through an integer overflow in the hpcups processing path when handling specially crafted print data.

References (2)

Core 2
Core References
Vdb Entry, X_Refsource_Redhat vdb-entry x_refsource_redhat
https://access.redhat.com/security/cve/CVE-2026-14544
Issue Tracking, X_Refsource_Redhat issue-tracking x_refsource_redhat
RHBZ#2496772
https://bugzilla.redhat.com/show_bug.cgi?id=2496772

Scores

CVSS v3 9.8
EPSS 0.0051
EPSS Percentile 40.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-190
Status published
Products (5)
Red Hat/Red Hat Enterprise Linux 10
Red Hat/Red Hat Enterprise Linux 6
Red Hat/Red Hat Enterprise Linux 7
Red Hat/Red Hat Enterprise Linux 8
Red Hat/Red Hat Enterprise Linux 9
Published Jul 03, 2026
Tracked Since Jul 03, 2026