Heap-Based Buffer Overflow in OpenPrinting CUPS Affects Linux Systems
CVE-2026-34979

5.3MEDIUM

Key Information:

Vendor: Openprinting
Status: Cups
Vendor: CVE Published:; 3 April 2026

🔔 Create Openprinting Vulnerability Alert

What is CVE-2026-34979?

OpenPrinting CUPS, an open-source printing system for Linux and Unix-like operating systems, contains a heap-based buffer overflow vulnerability in its scheduler. This issue arises during the construction of filter option strings from job attributes in versions 2.4.16 and earlier. As of the latest information, no public patches are available to address this vulnerability, underscoring the importance of monitoring and mitigating security risks associated with the CUPS software.

Affected Version(s)

cups <= 2.4.16

References

https://github.com/OpenPrinting/cups/security/advisories/...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 3, 2026
Vulnerability Reserved
Mar 31, 2026

CVE-2026-34979 Data

JSON