What is GHSA-xjvf-w7h7-789h?

GHSA-xjvf-w7h7-789h is a security advisory published by GitHub Security Advisories with Medium severity. Improper handling of symbolic links in the installer of CUPS Printer Driver for macOS(*) may...

Which CVE IDs does GHSA-xjvf-w7h7-789h cover?

GHSA-xjvf-w7h7-789h covers the following CVE IDs: CVE-2026-6892. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-xjvf-w7h7-789h?

GHSA-xjvf-w7h7-789h has a CVSS v3 base score of 5.0, published by GitHub Security Advisories.

GHSA-xjvf-w7h7-789hMediumCVSS 5.0

Improper handling of symbolic links in the installer of CUPS Printer Driver for macOS(*) may...

Vendor

GitHub Security Advisories

Published

May 29, 2026

Last Modified

May 29, 2026

🔗 CVE IDs covered (1)

CVE-2026-6892 →

📋 Description

Improper handling of symbolic links in the installer of CUPS Printer Driver for macOS(*) may allow a local attacker with login privileges to exploit a specially crafted symbolic link during installation to modify permissions of directories for which they would not normally have authorization.

*:Canon PIXUS iX6800 Series CUPS Printer Driver for macOS Version 16.91.0.0 or earlier (Japan)

Canon PIXMA MG2500 Series and iX6800 Series CUPS Printer Driver for macOS Version 16.91.0.0 or earlier (US and Europe)

🔗 References (6)

https://nvd.nist.gov/vuln/detail/CVE-2026-6892
https://canon.jp/support/support-info/260528-1vulnerability-response
https://psirt.canon/advisory-information/cp2026-004
https://www.canon-europe.com/support/product-security
https://www.usa.canon.com/support/canon-product-advisories/CPA2026-004-Vulnerability-Remediation-for-My-Image-Garden-for-macOS-and-CUPS-Printer-Driver-for-macOS
https://github.com/advisories/GHSA-xjvf-w7h7-789h