Known Vulnerabilities for products from PaperCut
Listed below are 16 of the newest known vulnerabilities associated with the vendor "PaperCut".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-5115 json | The PaperCut NG/MF (specifically, the embedded application for Konica Minolta devices) is vulnerable to session hijacking. Th... | Not Provided | 2026-03-31 | 2026-04-03 |
| CVE-2026-4794 json | Multiple cross-site scripting (XSS) vulnerabilities in PaperCut NG/MF before 25.0.10 allow authenticated administrator users... | Not Provided | 2026-03-31 | 2026-04-03 |
| CVE-2023-39143 json | PaperCut NG and PaperCut MF before 22.1.3 on Windows allow path traversal, enabling attackers to upload, read, or delete arbi... | 9.8 - CRITICAL | 2023-08-04 | 2023-08-08 |
| CVE-2023-31046 json | A Path Traversal vulnerability exists in PaperCut NG before 22.1.1 and PaperCut MF before 22.1.1. Under specific conditions, ... | 6.5 - MEDIUM | 2023-10-19 | 2023-10-26 |
| CVE-2023-27351 json | This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63... | Not Provided | 2023-04-20 | 2026-04-21 |
| CVE-2023-27350 json | This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63... | 9.8 - CRITICAL | 2023-04-20 | 2023-06-07 |
| CVE-2023-6006 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.8 - HIGH | 2023-11-14 | 2023-11-20 |
| CVE-2023-4568 json | PaperCut NG allows for unauthenticated XMLRPC commands to be run by default. Versions 22.0.12 and below are confirmed to be a... | 6.5 - MEDIUM | 2023-09-13 | 2023-09-15 |
| CVE-2023-3486 json | An authentication bypass exists in PaperCut NG versions 22.0.12 and prior that could allow a remote, unauthenticated attacker... | 7.5 - HIGH | 2023-07-25 | 2023-07-31 |
| CVE-2023-2533 json | A Cross-Site Request Forgery (CSRF) vulnerability has been identified in PaperCut NG/MF, which, under specific conditions, co... | 8.8 - HIGH | 2023-06-20 | 2023-07-06 |
| CVE-2023-2508 json | The `PaperCutNG Mobility Print` version 1.0.3512 application allows an unauthenticated attacker to perform a CSRF attack on ... | 6.5 - MEDIUM | 2023-09-20 | 2023-09-22 |
| CVE-2019-12135 json | An unspecified vulnerability in the application server in PaperCut MF and NG versions 18.3.8 and earlier and versions 19.0.3 ... | 9.8 - CRITICAL | 2019-06-06 | 2020-08-24 |
| CVE-2019-8948 json | PaperCut MF before 18.3.6 and PaperCut NG before 18.3.6 allow script injection via the user interface, aka PC-15163. | 9.8 - CRITICAL | 2019-02-20 | 2019-02-21 |
| CVE-2014-2659 json | Cross-site request forgery (CSRF) vulnerability in the admin UI in Papercut MF and NG before 14.1 (Build 26983) allows remote... | 6.8 - MEDIUM | 2014-04-22 | 2017-08-29 |
| CVE-2014-2658 json | Unspecified vulnerability in Papercut MF and NG before 14.1 (Build 26983) allows attacker to cause a denial of service via un... | 5 - MEDIUM | 2014-04-28 | 2017-08-29 |
| CVE-2014-2657 json | Unspecified vulnerability in the print release functionality in PaperCut MF before 14.1 (Build 26983) has unknown impact and ... | 7.5 - HIGH | 2014-04-28 | 2017-08-29 |
Known software with vulnerabilities from PaperCut
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Papercut | Papercut Mf | 12.0 |
| Application | Papercut | Papercut Ng | 12.0 |