DEBIAN-CVE-2026-34980
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, when cupsd is exposed to the network and has a shared target queue, an unauthorized client can send a Print-Job to that shared PostScript queue without authentication. The server accepts a page-border value supplied as textWithoutLanguage, preserves an embedded newline through option escaping and reparse, and then reparses the resulting second line, which begins with `PPD:`, as a trusted scheduler control record. A follow-up raw print job can therefore make the server execute an attacker-chosen existing binary such as /usr/bin/vim as lp. At the time of publication, there are no publicly available patches.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | cups | 2.4.14-1, 2.4.15-1, 2.4.16-1 |
| Debian:13 | cups | 2.4.15-1, 2.4.16-1, 2.4.17-1 |
| Debian:12 | cups | 2.4.17-1, 2.4.18-1, 2.4.2-3 |
| Debian:11 | cups | 2.4.2-6, 0, 2.3.3op2-3+deb11u1 |
Exploit Intelligence
- printerxpl.lua (github-poc)
- poc_root.py (github-poc)
- poc.py (github-poc)
Timeline
- Apr 3, 2026 CVE Published
- May 15, 2026 CVE Updated