CVE-2026-14544
Publication date 3 July 2026
Last updated 16 July 2026
Ubuntu priority
Cvss 3 Severity Score
Description
A flaw was found in HPLIP (HP Linux Imaging and Printing Software). This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur through an integer overflow in the hpcups processing path when handling specially crafted print data.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| hplip | 26.04 LTS resolute |
Not affected
|
| 24.04 LTS noble |
Not affected
|
|
| 22.04 LTS jammy |
Not affected
|
|
| 20.04 LTS focal |
Not affected
|
|
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial |
Not affected
|
Notes
mdeslaur
This CVE appears to be a bad Red Hat fix introduced here: https://src.fedoraproject.org/rpms/hplip/c/cdc920743005275ee03c5547a626cdf81019423c?branch=rawhide Ubuntu is not vulnerable to this issue.
Patch details
| Package | Patch details |
|---|---|
| hplip |
Severity score breakdown
CVSS version: CVSS v3.0
Base score
9.8 · Critical
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H