{
  "threat_severity" : "Low",
  "public_date" : "2026-04-24T16:54:38Z",
  "bugzilla" : {
    "description" : "cups: CUPS: Information disclosure via crafted SNMP response",
    "id" : "2461611",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2461611"
  },
  "cvss3" : {
    "cvss3_base_score" : "4.3",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
    "status" : "draft"
  },
  "cwe" : "CWE-125",
  "details" : [ "A flaw was found in CUPS. A network-adjacent attacker can send a specially crafted Simple Network Management Protocol (SNMP) response to the CUPS SNMP backend, leading to an out-of-bounds read. This vulnerability allows for the disclosure of up to 176 bytes of sensitive memory, which is then converted and stored as printer supply description strings. Authenticated users can subsequently view this leaked information through IPP Get-Printer-Attributes responses and the CUPS web interface." ],
  "statement" : "This is a Low impact information disclosure flaw in CUPS, where a network-adjacent attacker can trigger an out-of-bounds read in the SNMP backend. This vulnerability allows for the disclosure of up to 176 bytes of sensitive memory, which is then accessible to authenticated users via the CUPS web interface or IPP responses. The impact is limited by the network-adjacent attack vector, the requirement for authenticated access to view the leaked data, and the small amount of leaked information, which is then garbled by the UTF-8 conversion. For the CUPS versions distributed with Red Hat supported products there is no availability impact, because CUPS is not built with debugging mechanisms, such as address sanitizers or valgrind, that could cause the targeted application to crash.",
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Fix deferred",
    "package_name" : "cups",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "cups",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Fix deferred",
    "package_name" : "cups",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Fix deferred",
    "package_name" : "cups",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Fix deferred",
    "package_name" : "cups",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Hardened Images",
    "fix_state" : "Not affected",
    "package_name" : "cups",
    "cpe" : "cpe:/a:redhat:hummingbird:1"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Fix deferred",
    "package_name" : "rhcos",
    "cpe" : "cpe:/a:redhat:openshift:4"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-41079\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-41079\nhttps://github.com/OpenPrinting/cups/commit/b7c2525a885f528d243c3a92197ca99609b3f080\nhttps://github.com/OpenPrinting/cups/commit/d7fe0f521ff3b24676511e747b058362b9a20737\nhttps://github.com/OpenPrinting/cups/security/advisories/GHSA-6wpw-g8g6-wvrv" ],
  "name" : "CVE-2026-41079",
  "csaw" : false
}