QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2026-6892

Back to search

CVE-2026-6892

Published: May 29, 2026

Modified: May 29, 2026

PUBLISHED

CVSS v3.1

5.0

MEDIUM

Description

Improper handling of symbolic links in the installer of CUPS Printer Driver for macOS(*) may allow a local attacker with login privileges to exploit a specially crafted symbolic link during installation to modify permissions of directories for which they would not normally have authorization.  *:Canon PIXUS iX6800 Series CUPS Printer Driver for macOS Version 16.91.0.0 or earlier (Japan) Canon PIXMA MG2500 Series and iX6800 Series CUPS Printer Driver for macOS Version 16.91.0.0 or earlier (US and Europe)

VendorProductVersions

Canon Inc.

Canon PIXUS iX6800 Series CUPS Printer Driver for macOS

affected
16.91.0.0 or earlier

Canon Inc.

PIXMA MG2500 Series CUPS Printer Driver for macOS

affected
16.91.0.0 or earlier

Canon Inc.

PIXMA iX6800 Series CUPS Printer Driver for macOS

affected
16.91.0.0 or earlier

Weaknesses (CWE)

CWE-59

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

None

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now