Which versions of HP Linux Imaging and Printing are affected by EUVD-2026-31193?

HP Linux Imaging and Printing Software (HPLIP) contains a critical remote code execution vulnerability in the hpcups component that allows unauthenticated network attackers to execute arbitrary code…. A patch is available.

HP Linux Imaging and Printing EUVD-2026-31193

Q: What is the CVSS score of EUVD-2026-31193?

EUVD-2026-31193 has a CVSS 4.0 base score of 9.3 (Critical). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

| CVE-2026-8631 CRITICAL

Heap-based Buffer Overflow (CWE-122)

2026-05-20 hp-security-alert@hp.com

GHSA-hcc9-h975-pvc2

RCE Buffer Overflow Heap Overflow HP Suse

9.3

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Patch available

May 20, 2026 - 22:02 EUVD

Analysis Generated

May 20, 2026 - 21:30 vuln.today

DescriptionNVD

A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via an integer overflow in the hpcups processing path when handling crafted print data.

AnalysisAI

Heap-based integer overflow in the hpcups component of HP Linux Imaging and Printing Software (HPLIP) allows attackers to achieve arbitrary code execution and/or privilege escalation by submitting crafted print data. The CVSS 4.0 base score of 9.3 reflects network-reachable exploitation against the printing subsystem with no authentication or user interaction required, though no public exploit identified at time of analysis and the issue has not been added to CISA KEV.

RemediationAI

Within 24 hours: Inventory all systems running HPLIP, particularly print servers and Linux-based multifunction devices in your environment. Within 7 days: Implement network segmentation to restrict direct network access to printing infrastructure from untrusted networks; disable unnecessary remote printing protocols (IPP, SNMP) where operationally feasible; restrict print server access to authorized subnets using firewall rules. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

More from same product – last 7 days

CVE-2026-9256 HIGH This Week

8.1 May 22

Heap buffer overflow in NGINX Plus and NGINX Open Source ngx_http_rewrite_module allows unauthenticated remote attackers

CVE-2026-42626 Awaiting Data

5.9 May 22

HP ENVY 5000 series printers VERBASPP1N003.2237A.00 do not properly manage concurrent TCP connections to port 9100 (JetD

Vendor StatusVendor

EUVD-2026-31193 vulnerability details – vuln.today

Back

HP Linux Imaging and Printing EUVD-2026-31193

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

More from same product – last 7 days

Vendor StatusVendor

Share

HP Linux Imaging and Printing EUVD-2026-31193

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

More from same product – last 7 days

Vendor StatusVendor

Share

External POC / Exploit Code