Skip to main content

Linux Imaging And Printing CVE-2026-8632

| EUVDEUVD-2026-31194 HIGH
Command Injection (CWE-77)
2026-05-20 hp-security-alert@hp.com GHSA-w45w-c9pr-p65f
8.5
CVSS 4.0 · Vendor: hp
Share

Severity by source

Vendor (hp) PRIMARY
8.5 HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
SUSE
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Red Hat
7.8 HIGH
qualitative

Primary rating from Vendor (hp).

CVSS VectorVendor: hp

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

2
Patch available
May 20, 2026 - 22:02 EUVD
Analysis Generated
May 20, 2026 - 21:30 vuln.today

DescriptionCVE.org

A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via operating system command injection.

AnalysisAI

Local privilege escalation in HP Linux Imaging and Printing Software (HPLIP) allows authenticated low-privileged users to execute arbitrary OS commands via command injection, potentially gaining elevated privileges on affected Linux hosts. The CVSS 4.0 score of 8.5 reflects high impact to confidentiality, integrity, and availability with low attack complexity, and no public exploit identified at time of analysis. The vulnerability is reported directly by HP PSIRT under advisory hpsbpi04118.

Vendor StatusVendor

SUSE

Severity: High
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Module for Basesystem 15 SP7 Fixed
SUSE Linux Enterprise Module for Desktop Applications 15 SP7 Fixed
SUSE Linux Enterprise Server 15 SP7 Fixed

Share

CVE-2026-8632 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy