SecAlerts
CVE ListPricingSign Up
OpenPrinting logo

OpenPrinting

Security Risk Profile

44
/100
medium

Security Risk Score

Comprehensive risk assessment based on 50 vulnerabilities, EPSS scores, exploitation status, and remediation availability.

📅 Data spans from July 13, 2011 to present

50
Total CVEs
9
Critical+High
0
Exploited
2
Unpatched

Threat Assessment

Avg CVSS
6.1
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
2
Critical/High
Risk Level
44/100
medium

Severity Distribution

Critical
2
High
7
Medium
19
Low
2

Exploit Likelihood

>50% chance
0
20-50%
0
5-20%
0
<5%
0

Age Distribution

Common Weaknesses (CWE)

1
Buffer Overflow
6
2
Input Validation
4
3
Use After Free
2
4
Race Condition
2
5
Infoleak
1

Most Affected Products

1. OpenPrinting CUPS43
2. ubuntu/cups18
3. Apple iOS and macOS15
4. OpenPrinting cups-filters12
5. Microsoft azl3 cups 2.4.16-19

Recent Vulnerabilities

See more →
CVE-2026-41079
CVSS 5.4medium

OpenPrinting CUPS: Heap out-of-bounds read in SNMP supply-level polling leaks stack memory to authenticated users

4/24/2026
https://seclists.org/oss-sec/2026/q2/47
unknown

[EXTERN] [oss-security] Multiple CVEs disclosed in CUPS

4/8/2026🔧 No Patch
https://reddit.com/r/netsec/comments/1sflk3t/spooler_alert_remote_unauthd_rcetoroot_chain_in/
unknown

Spooler Alert: Remote Unauth'd RCE-to-root Chain in CUPS

4/8/2026🔧 No Patch
https://seclists.org/oss-sec/2026/q2/41
unknown

Multiple CVEs disclosed in CUPS

4/8/2026🔧 No Patch
CVE-2026-39316
CVSS 6.2medium

CUPS has a use-after-free in `cupsdDeleteTemporaryPrinters` via dangling subscription pointer

4/7/2026
CVE-2026-39314
CVSS 6.2medium

CUPS has an integer underflow in `_ppdCreateFromIPP` causes root cupsd crash via negative `job-password-supported`

4/7/2026
CVE-2026-34980
CVSS 6.1medium

OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach `lp` code execution over the network

4/3/2026
CVE-2026-34979
CVSS 5.3medium

OpenPrinting CUPS: Heap overflow in `get_options()`

4/3/2026
CVE-2026-34978
CVSS 6.5medium

OpenPrinting CUPS: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss (and clobbering of job.cache)

4/3/2026
CVE-2026-34990
CVSS 5.0medium

OpenPrinting CUPS: Local print admin token disclosure using temporary printers

4/3/2026

Monitor OpenPrinting in Real-Time

Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
Powered bySecAlerts

Monitor Your Software Stack in Real-Time

Get instant alerts when vulnerabilities are discovered in your software stack. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
AboutNewsDocumentationTermsContact

© 2026 SecAlerts Pty Ltd. All rights reserved.

OpenPrinting Security Vulnerabilities & Risk Score | 50 CVEs | SecAlerts - SecAlerts