CVE-2026-27447

Source
https://cve.org/CVERecord?id=CVE-2026-27447
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-27447.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-27447
Aliases
  • GHSA-v987-m8hp-phj9
Downstream
Related
Published
2026-04-03T21:11:59.734Z
Modified
2026-07-11T07:55:42.061862Z
Severity
  • 4.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N CVSS Calculator
Summary
OpenPrinting CUPS: Authorization bypass via case-insensitive group-member lookup
Details

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, CUPS daemon (cupsd) contains an authorization bypass vulnerability due to case-insensitive username comparison during authorization checks. The vulnerability allows an unprivileged user to gain unauthorized access to restricted operations by using a user with a username that differs only in case from an authorized user. At time of publication, there are no publicly available patches.

Database specific
{
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-863"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/27xxx/CVE-2026-27447.json"
}
References

Affected packages

Git / github.com/openprinting/cups

Affected ranges

Type
GIT
Repo
https://github.com/openprinting/cups
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "source": [
        "CPE_RANGE",
        "REFERENCES"
    ],
    "cpe": "cpe:2.3:a:openprinting:cups:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.16"
        }
    ]
}

Affected versions

v2.*
v2.2.0
v2.2.1
v2.2.2
v2.2.3
v2.2.4
v2.2.5
v2.2.6
v2.2b1
v2.2b2
v2.2rc1
v2.3.0
v2.3.1
v2.3.3
v2.3.3op1
v2.3.3op2
v2.3b1
v2.3b2
v2.3b3
v2.3b4
v2.3b5
v2.3b6
v2.3b7
v2.3b8
v2.3rc1
v2.4.0
v2.4.1
v2.4.2
v2.4.3
v2.4b1
v2.4rc1

Database specific

vanir_signatures
[
    {
        "id": "CVE-2026-27447-a583b177",
        "digest": {
            "line_hashes": [
                "176410143507355983294686101745328094369",
                "115792395960735883771031320264469884721",
                "135803717691476411825697998077932116207",
                "15424156163291787898771581584915379929",
                "120159171580599956410117718006041538495",
                "225684204883454819845312418647600792057",
                "167917337984149193837649330828183126558",
                "42576025254109609475844479046551153644",
                "203451318150926783078270546881530624118",
                "83225245274089313078095274200200206486",
                "21131427354955727502024260087251600933",
                "98907988471480144369036382542787974728",
                "231767634043447334001081408555918870490",
                "147099455136125777772392495595352119725",
                "124984009242917229298563710533862992123",
                "176093930449248608742716230876999423999",
                "116314721378060575864101780567823109522",
                "25492270040618489791059604830968291741",
                "40982160569122594518117613264420660995",
                "231297760216475671602390663204719588686",
                "56065336540310778795803205510786277516",
                "2279732709940580555618036312256163999",
                "283562889683504142252572169100790928288",
                "270335933995058196395868664161701540741",
                "160869365900250851240417119813137631545",
                "14642659824781436975204801126160201989",
                "68001646181108637465845052831812894087",
                "62157241115842724479385905450330649141",
                "149472562226488825573754007569635977410",
                "205276668302131435168663366645767543537",
                "55340116071575073625551515271516629609",
                "262209548606140328929408740926690049984",
                "108258868073512654495180403420069176282",
                "44966827632852408863057524427078114142",
                "42855598644245201361281865265195749468",
                "318118673100323177856516085204320953977",
                "208649811365641460174992021559223564598",
                "70177316613792701867660416032538760833"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "scheduler/auth.c"
        },
        "signature_version": "v1",
        "source": "https://github.com/openprinting/cups/commit/88516bf6d9e34cef7a64a704b856b837f70cd220",
        "deprecated": false,
        "signature_type": "Line"
    },
    {
        "id": "CVE-2026-27447-ceea831d",
        "digest": {
            "length": 1656.0,
            "function_hash": "301946086184399924173053728711547405119"
        },
        "target": {
            "function": "cupsdCheckGroup",
            "file": "scheduler/auth.c"
        },
        "signature_version": "v1",
        "source": "https://github.com/openprinting/cups/commit/88516bf6d9e34cef7a64a704b856b837f70cd220",
        "deprecated": false,
        "signature_type": "Function"
    },
    {
        "id": "CVE-2026-27447-d2a45f49",
        "digest": {
            "length": 8660.0,
            "function_hash": "171918984847480217483569706055594429153"
        },
        "target": {
            "function": "cupsdIsAuthorized",
            "file": "scheduler/auth.c"
        },
        "signature_version": "v1",
        "source": "https://github.com/openprinting/cups/commit/88516bf6d9e34cef7a64a704b856b837f70cd220",
        "deprecated": false,
        "signature_type": "Function"
    }
]
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-27447.json"
vanir_signatures_modified
"2026-07-11T07:55:42Z"