You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2026-34978
About this tag
CVE-2026-34978 is a medium-severity vulnerability in OpenPrinting CUPS, published in early April 2026. It allows a remote IPP client to exploit the RSS notification URI field, enabling path traversal out of the CUPS RSS cache directory. This can overwrite lp-writable state files such as job.cache. While not a critical remote code execution bug, it highlights ongoing risks in print infrastructure. The vulnerability resides in notification and cache file handling, making it a concern for system administrators managing CUPS-based print servers. Discussions on WindowsForum cover the technical details, impact, and mitigation strategies for this CVE.
CVE-2026-34978 is a medium-severity OpenPrinting CUPS vulnerability, published in early April 2026, that lets a remote IPP client abuse the RSS notification URI field to traverse out of CUPS’ RSS cache directory and overwrite lp-writable state files such as job.cache. It is not the kind of bug...