VDB
GCVE-110-MAGEIA-2026-201
GCVE-110-MAGEIA-2026-201
Advisory Published
CVE-2026-27447, Authorization bypass via case-insensitive group-member
lookup.
CVE-2026-39314, Integer underflow in `_ppdCreateFromIPP` causes root
cupsd crash via negative `job-password-supported`
CVE-2026-39316, Use-after-free in `cupsdDeleteTemporaryPrinters` via
dangling subscription pointer
CVE-2026-34978, Path traversal in RSS notify-recipient-uri enables file
write outside CacheDir/rss (and clobbering of job.cache)
CVE-2026-34979, Heap overflow in `get_options()`
CVE-2026-34980, Shared PostScript queue lets anonymous Print-Job
requests reach `lp`code execution over the network
CVE-2026-34990, Local print admin token disclosure using temporary
printers.
Heap out-of-bounds read in SNMP supply-level polling leaks stack memory
to authenticated users.
Out-of-bounds heap read in cupsdSetPrinterAttr marker-types parsing
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | cups | 0 (affected), 2.4.6-1.10.mga9 (unaffected) | — |
References
Browse GCVE Records
73,738 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.