16
CVEs
2
Critical
8
High
0
KEV
0
PoC
3
Unpatched C/H
56.2%
Patch Rate
0.1%
Avg EPSS
Severity Breakdown
CRITICAL
2
HIGH
8
MEDIUM
5
LOW
0
Monthly CVE Trend
Affected Products (30)
System Management Homepage
28
Intelligent Management Center
25
Storage Data Protector
24
Linux Kernel
19
Service Manager
16
Loadrunner
15
Systems Insight Manager
14
W1A80A Firmware
13
W1A77A Firmware
13
W1A78A Firmware
13
W1A76A Firmware
13
W1A81A Firmware
13
W1A79A Firmware
13
W1A82A Firmware
13
W1A75A Firmware
13
Intelligent Management Center For Automated Network Manager
12
Sitescope
12
Pc Bios
11
Laserjet Pro Mfp M428 M429 F W1A30A Firmware
10
Laserjet Pro M453 M454 W1Y46A Firmware
10
Laserjet Pro M453 M454 W1Y40A Firmware
10
Laserjet Pro Mfp M428 M429 F W1A35A Firmware
10
Laserjet Pro M453 M454 W1Y44A Firmware
10
Laserjet Pro M453 M454 W1Y45A Firmware
10
Laserjet Pro Mfp M428 M429 W1A28A Firmware
10
Laserjet Pro M304 M305 W1A48A Firmware
10
Laserjet Pro Mfp M428 M429 W1A33A Firmware
10
Laserjet Pro M304 M305 W1A66A Firmware
10
Laserjet Pro M453 M454 W1Y41A Firmware
10
Laserjet Pro M304 M305 W1A46A Firmware
10
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2026-14544 | Remote code execution and privilege escalation in HPLIP (HP Linux Imaging and Printing) affects the hpcups print filter across Red Hat Enterprise Linux 6 through 10, where an integer overflow triggered by specially crafted print data can corrupt memory. This is an incomplete-fix follow-up to CVE-2026-8631, meaning the original patch did not fully close the flaw, and no public exploit has been identified at time of analysis. The Red Hat CVSS of 9.8 reflects a network-reachable, unauthenticated attack path, though realistic exploitation depends on how the CUPS print pipeline is exposed. | CRITICAL | 9.8 | 0.5% | 50 |
No patch
|
| CVE-2026-8631 | Heap-based integer overflow in the hpcups component of HP Linux Imaging and Printing Software (HPLIP) allows attackers to achieve arbitrary code execution and/or privilege escalation by submitting crafted print data. The CVSS 4.0 base score of 9.3 reflects network-reachable exploitation against the printing subsystem with no authentication or user interaction required, though no public exploit identified at time of analysis and the issue has not been added to CISA KEV. | CRITICAL | 9.3 | 0.0% | 47 |
|
| CVE-2026-4682 | Certain HP DeskJet All in One devices may be vulnerable to remote code execution caused by a buffer overflow when specially crafted Web Services for D | HIGH | 8.7 | 0.0% | 44 |
No patch
|
| CVE-2026-5064 | Local privilege escalation and denial of service in HP One Agent software on HP PC products allow authenticated low-privileged users to gain elevated rights or disrupt the agent. HP has acknowledged the issue and is releasing software updates as mitigation. No public exploit identified at time of analysis, and the flaw is not listed on CISA KEV. | HIGH | 8.5 | 0.1% | 43 |
|
| CVE-2026-8632 | Local privilege escalation in HP Linux Imaging and Printing Software (HPLIP) allows authenticated low-privileged users to execute arbitrary OS commands via command injection, potentially gaining elevated privileges on affected Linux hosts. The CVSS 4.0 score of 8.5 reflects high impact to confidentiality, integrity, and availability with low attack complexity, and no public exploit identified at time of analysis. The vulnerability is reported directly by HP PSIRT under advisory hpsbpi04118. | HIGH | 8.5 | 0.1% | 43 |
|
| CVE-2026-2891 | Denial of service in HP Poly Voice IP endpoints (CCX, Trio C60, and Edge E series) allows an attacker operating or impersonating a SIP server to render affected devices inoperable by returning malformed data during SIP signaling. The flaw is an uncontrolled-resource-consumption / improper-input-handling issue (CWE-400) that crashes or hangs the phone, disrupting voice service. HP has published advisory hpsbpy04096 and is releasing firmware updates; no public exploit is identified at time of analysis and the issue is not listed in CISA KEV. | HIGH | 8.2 | 0.3% | 41 |
|
| CVE-2026-13753 | Information disclosure in HP Deskjet 2800 Series printers running firmware TBP1CN2612AR or earlier lets an unauthenticated attacker on the network read sensitive configuration - including plaintext Wi‑Fi Direct credentials, device identity, and administrative security state - by sending plain GET requests to administrative API endpoints. The same data is gated behind administrator login in the web UI, so these API endpoints bypass the product's own access-control model. No public exploit identified at time of analysis and the CVE is not listed in CISA KEV. | HIGH | 7.5 | 0.3% | 38 |
No patch
|
| CVE-2026-8864 | Local privilege escalation in the HP Fan Control App lets a low-privileged local user gain SYSTEM/administrator-level execution on affected HP endpoints. The flaw stems from CWE-428 (Unquoted Search Path or Element), a classic Windows weakness where a privileged service or process resolves an executable or library from an attacker-controllable path. No public exploit has been identified at time of analysis and it is not listed in CISA KEV; EPSS data was not provided. | HIGH | 7.3 | 0.1% | 37 |
|
| CVE-2026-7539 | Local privilege escalation and arbitrary code execution in the HP Accessory WMI Provider installer bundled with certain HP Docking Stations allows a low-privileged local user to gain elevated (likely SYSTEM) execution. The root cause is insecure temporary-file/directory permissions used during installation (CWE-379), which an attacker can abuse to introduce or replace executable content that a privileged installer process runs. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV; HP has published advisory hpsbhf04129 and is releasing software updates. | HIGH | 7.3 | 0.1% | 37 |
|
| CVE-2026-4667 | HP System Optimizer might potentially be vulnerable to escalation of privilege. HP is releasing an update to mitigate this potential vulnerability. | HIGH | 7.3 | 0.0% | 37 |
|
| CVE-2026-3291 | Samsung Print Service Plugin for Android is potentially vulnerable to information disclosure when using an outdated version of the application via mob | MEDIUM | 6.9 | 0.0% | 35 |
No patch
|
| CVE-2026-1902 | Stored XSS in the Hammas Calendar WordPress plugin through version 1.5.11 allows authenticated contributors and above to inject malicious scripts via the 'apix' parameter in the 'hp-calendar-manage-redirect' shortcode due to inadequate input sanitization. When users access pages containing the injected payload, the scripts execute in their browsers, potentially leading to session hijacking, credential theft, or malware distribution. No patch is currently available. | MEDIUM | 6.4 | 0.0% | 32 |
No patch
|
| CVE-2026-23131 | The HP BIOS configuration driver in the Linux kernel fails to validate attribute names before kobject registration, causing kernel warnings and potential denial of service when HP BIOS returns empty name strings. A local user with standard privileges can trigger this vulnerability to crash or destabilize the system by supplying malformed BIOS attribute data. No patch is currently available for this medium-severity flaw affecting Linux systems with HP BIOS configuration support. | MEDIUM | 5.5 | 0.0% | 28 |
|
| CVE-2026-1997 | HP OfficeJet Pro printers (D9l18a, D9l20a, D9l21a, D9l63a firmware) are vulnerable to information disclosure through CORS misconfiguration when administrators enable the feature on the Embedded Web Server. An unauthenticated remote attacker can exploit this to access sensitive device resources from untrusted web origins. CORS remains disabled by default as a mitigation, but organizations that have explicitly enabled it should apply patches when available. | MEDIUM | 5.3 | 0.0% | 27 |
No patch
|
| CVE-2026-6180 | Race condition in PaperCut MF badge-swipe processing from HP multifunction devices allows unauthorized user login when custom badge-ID post-processing scripts transform truncated badge strings into valid credentials of different users. The vulnerability requires specific network conditions (dropped packets, out-of-order sequence counters, failed sequence reset notifications) and custom script configuration, affecting physical device authentication in networked printing environments. No public exploit identified at time of analysis. | MEDIUM | 4.1 | 0.0% | 21 |
|