CVE-2026-6892

Name: CVE-2026-6892
Creator: NVD / NIST
Published: 2026-05-29T00:16:16.847+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 5.1/10EPSS 0.12%

Last modified Jun 17, 2026

This CVE is reserved or awaiting analysis. Details will appear once published by NVD.

Description

Improper handling of symbolic links in the installer of CUPS Printer Driver for macOS(*) may allow a local attacker with login privileges to exploit a specially crafted symbolic link during installation to modify permissions of directories for which they would not normally have authorization. *:Canon PIXUS iX6800 Series CUPS Printer Driver for macOS Version 16.91.0.0 or earlier (Japan) Canon PIXMA MG2500 Series and iX6800 Series CUPS Printer Driver for macOS Version 16.91.0.0 or earlier (US and Europe)

Metrics

CVSS 3.1

5/10

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

CVSS 4.0

5.1/10

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

EPSS Probability

0.12%

2.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-59

References

Timeline

Published: May 29, 2026
Last Modified: Jun 17, 2026
Status: Awaiting Analysis

Are you affected by CVE-2026-6892?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST