CVE-2026-14544

NameCVE-2026-14544
DescriptionA flaw was found in HPLIP (HP Linux Imaging and Printing Software). This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur through an integer overflow in the hpcups processing path when handling specially crafted print data.
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
hplip (PTS)bullseye3.21.2+dfsg1-2vulnerable
bookworm3.22.10+dfsg0-2vulnerable
trixie3.22.10+dfsg0-8.1vulnerable
forky, sid3.26.4+dfsg0-2vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
hplipsource(unstable)(unfixed)

Notes

https://bugzilla.redhat.com/show_bug.cgi?id=2496772

Search for package or bug name: Reporting problems