Critical CUPS Vulnerabilities Expose Linux and Unix Systems to Remote Takeover A team of AI-driven vulnerability researchers, led by security expert Asim Viladi Oglu Manizada, has identified two severe flaws in the Common Unix Printing System (CUPS), a widely used print management component in Linux and Unix-like operating systems. When exploited in sequence, these vulnerabilities allow remote attackers to execute malicious code and escalate privileges to root-level access, granting full control over affected systems. The first flaw, CVE-2026-34980, enables remote code execution (RCE) on systems with exposed, unauthenticated PostScript print queues. CUPS, which runs with elevated privileges, processes print job attributes without proper input sanitization. Attackers can inject a newline character into a print option, bypassing security checks and manipulating queue settings to execute arbitrary commands under the CUPS service account. This provides an initial foothold on the system. The second vulnerability, CVE-2026-34990, allows local privilege escalation to root in default CUPS configurations. A low-privileged user can create a fake printer, intercept CUPS validation requests, and extract a privileged administrative token. By exploiting a race condition, the attacker can then overwrite protected system files, achieving full system compromise. Combined, these flaws create a high-risk attack chain: an unauthenticated remote attacker can first gain code execution via CVE-2026-34980, then escalate to root access using CVE-2026-34990. As of early April 2026, fixes have been committed but official patched releases are not yet available. Enterprises and server environments relying on CUPS are advised to mitigate exposure by restricting network access, enforcing authentication for shared queues, and deploying security frameworks like AppArmor or SELinux to limit file system access.