VDB

GCVE-110-MAGEIA-2026-201

GCVE-110-MAGEIA-2026-201
Advisory Published
Vulnetix · Advisory published June 12, 2026
CVE-2026-27447, Authorization bypass via case-insensitive group-member lookup. CVE-2026-39314, Integer underflow in `_ppdCreateFromIPP` causes root cupsd crash via negative `job-password-supported` CVE-2026-39316, Use-after-free in `cupsdDeleteTemporaryPrinters` via dangling subscription pointer CVE-2026-34978, Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss (and clobbering of job.cache) CVE-2026-34979, Heap overflow in `get_options()` CVE-2026-34980, Shared PostScript queue lets anonymous Print-Job requests reach `lp`code execution over the network CVE-2026-34990, Local print admin token disclosure using temporary printers. Heap out-of-bounds read in SNMP supply-level polling leaks stack memory to authenticated users. Out-of-bounds heap read in cupsdSetPrinterAttr marker-types parsing

Affected Products

VendorProductVersionsPlatforms
Mageiacups0 (affected), 2.4.6-1.10.mga9 (unaffected)

Browse GCVE Records

73,738 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›