Aggregates CVE and security vulnerability intelligence across all hp_inc.-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk path handling and vendor risk buffer overflow, with potential vendor impact application crash and vendor impact memory corruption across vendor surface software deployment use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-8864 | The HP Fan Control App might allow local escalation of privileges. An updated version of HP Fan Control App has been released to mitigate this potential vulnerability. | [email protected] | 7.3 | 0.11% | 2026-06-30 | 2026-07-02 |
| CVE-2026-5064 | Potential security vulnerabilities have been identified in the HP One Agent for certain HP PC products, which might allow for escalation of privilege and/or denial of service. HP is releasing software updates to mitigate these potential vulnerabilities. | [email protected] | 8.5 | 0.11% | 2026-06-15 | 2026-06-18 |
| CVE-2026-0826 | In certain scenarios when the admin has enabled Interactive Connectivity Establishment (ICE), a buffer overflow could enable remote code execution on Poly Voice products on the Linux platform. | [email protected] | 9.2 | 26.47% | 2026-06-01 | 2026-06-17 |
| CVE-2025-11998 | The following HP Card Readers B Models (X3D03B & Y7C05B) are potentially vulnerable to information disclosure, allowing prior user identity to be inherited under certain conditions —e.g., when an NFC device (such as a smartphone/smartwatches) is in proximity during a card swipe event. | [email protected] | 6.8 | 0.15% | 2025-10-30 | 2026-06-17 |