CVE-2026-6892

Severity CVSS v4.0:
MEDIUM
Type:
CWE-59 Link Following
Publication date:
29/05/2026
Last modified:
29/05/2026

Description

Improper handling of symbolic links in the installer of CUPS Printer Driver for macOS(*) may allow a local attacker with login privileges to exploit a specially crafted symbolic link during installation to modify permissions of directories for which they would not normally have authorization. <br /> <br /> *:Canon PIXUS iX6800 Series CUPS Printer Driver for macOS Version 16.91.0.0 or earlier (Japan)<br /> <br /> Canon PIXMA MG2500 Series and iX6800 Series CUPS Printer Driver for macOS Version 16.91.0.0 or earlier (US and Europe)