1. Home
  2. CVE Database
  3. CVE-2026-1996
MEDIUM · 5.3

CVE-2026-1996

Certain HP OfficeJet Pro printers may be vulnerable to potential denial of service when the IPP requests are mishandled, failing to establish a TCP connection.

Vulnerability Description

Certain HP OfficeJet Pro printers may be vulnerable to potential denial of service when the IPP requests are mishandled, failing to establish a TCP connection.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
LOW

Affected Products

VendorProductVersions
HpD9L18A Firmware< 001.2602a
HpD9L18A-
HpM9L66A Firmware< 001.2602a
HpM9L66A-
HpM9L67A Firmware< 001.2602a
HpM9L67A-
HpT0G46A Firmware< 001.2602a
HpT0G46A-
HpJ6X76A Firmware< 001.2602a
HpJ6X76A-
HpJ6X78A Firmware< 001.2602a
HpJ6X78A-
HpJ6X80A Firmware< 001.2602a
HpJ6X80A-
HpK7S37A Firmware< 001.2602a
HpK7S37A-
HpM9L70A Firmware< 001.2602a
HpM9L70A-
HpJ6X77A Firmware< 001.2602a
HpJ6X77A-

Related Weaknesses (CWE)

CWE-703

References

FAQ

What is CVE-2026-1996?

CVE-2026-1996 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Certain HP OfficeJet Pro printers may be vulnerable to potential denial of service when the IPP requests are mishandled, failing to establish a TCP connection.

How severe is CVE-2026-1996?

CVE-2026-1996 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-1996?

Check the references section above for vendor advisories and patch information. Affected products include: Hp D9L18A Firmware, Hp D9L18A, Hp M9L66A Firmware, Hp M9L66A, Hp M9L67A Firmware.