CVE-2026-8632
EUVD-2026-3119420.05.2026, 21:16
A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via operating system command injection.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| hp | linux_imaging_and_printing | 𝑥 < 3.26.4 |
𝑥
= Vulnerable software versions
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| hplip |
| ||||||||||||||||||||
| hplip-devel |
| ||||||||||||||||||||
| hplip-hpijs |
| ||||||||||||||||||||
| hplip-sane |
| ||||||||||||||||||||
| hplip-udev-rules |
|
Common Weakness Enumeration
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')The software constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Vulnerability Media Exposure
References