https://support.hp.com/us-en/document/ish_14942099-14942126-16/hpsbpi04118
warns:
HP Linux Imaging and Printing Software – Potential Escalation of Privilege and
Arbitrary Code Execution
Potential security vulnerabilities have been identified in the HP Linux Imaging
and Printing Software. These potential vulnerabilities may allow escalation of
privileges and/or arbitrary code execution via command injection or buffer
overflow.
Severity: Critical
HP Reference: HPSBPI04118 Rev. 1
Release date: May 20, 2026
Last updated: May 20, 2026
Category: Print Software
Reported by Mohamed Lemine Ahmed Jidou (AegisSec) (CVE-2026-8631)
and Aisle Research (CVE-2026-8632).
List of CVE IDs
---------------
CVE ID: CVE-2026-8631
CVSS: 9.3
Severity: Critical
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CVE ID: CVE-2026-8632
CVSS: 8.5
Severity: High
Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Resolution
----------
HP has identified affected versions and the minimum software version that
mitigates the potential vulnerabilities. See the affected product list below.
Newer software versions might become available, and the minimum versions listed
below might become obsolete. If a link becomes invalid, check the HP Software
and Drivers Support site to obtain the latest update for your product model.
HP recommends keeping your system up to date with the latest firmware and
software.
Affected products
-----------------
Product Name: HP Linux Imaging and Printing
Updated Version: 3.26.4
Download Link:
https://developers.hp.com/hp-linux-imaging-and-printing/gethplip
