CVE-2026-34990

Name of the Vulnerable Software and Affected Versions OpenPrinting CUPS versions 2.4.16 and prior

Description OpenPrinting CUPS is a printing system for Linux and Unix-like operating systems. A local unprivileged user can manipulate cupsd into authenticating to an attacker-controlled localhost IPP service using a reusable Authorization: Local token. This token allows the attacker to make /admin/ requests on localhost and combine CUPS-Create-Local-Printer with printer-is-shared=true to create a file:///... queue, bypassing FileDevice policy restrictions. Printing to this queue can lead to arbitrary root file overwrites, potentially enabling root command execution through techniques like dropping a sudoers fragment.

Recommendations Versions prior to 2.4.16 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.