ZDI-26-280: (Pwn2Own) HP DeskJet 2855e JobStatusEvent Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of HP DeskJet 2855e printers. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2026-4682.
ORIGINAL SOURCE →via Zero Day Initiative
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Mantle proposes up to 30,000 ETH loan to address Aave bad debt from Kelp exploit
- [CYBER] Mantle proposes up to 30,000 ETH loan to address Aave bad debt from Kelp exploit - The Block
- [CYBER] CVE-2026-1952 - Denial of service via the undocumented subfunction in AS320T
- [CYBER] CVE-2026-1951 - No checking of the length of the buffer with the directory name in AS320T
- [CYBER] CVE-2026-1950 - No checking of the length of the buffer with the file name in AS320T
- [CYBER] Python Vulnerability Enables Out-of-Bounds Write on Windows