In a recent discovery, security researcher Asim Viladi Oglu Manizada and his team have identified two critical vulnerabilities in the Common Unix Printing System (CUPS), designated CVE-2026-34980 and CVE-2026-34990. These flaws can be exploited by unauthenticated attackers to execute remote code and achieve root file overwrites, particularly in networked environments where CUPS is commonly used. CVE-2026-34980 allows attackers to submit malicious print jobs through a shared PostScript queue, while CVE-2026-34990 enables local users to manipulate the CUPS scheduler for further exploits. Although public commits for mitigation exist, a full patch is pending. Given the prevalence of CUPS in Linux and Apple systems, the vulnerabilities present significant risks. This situation highlights the growing threat of AI in identifying code vulnerabilities faster than human maintainers can patch them, underscoring the urgent need for robust security measures in printing systems.
Source link
Share
Read more