CP2026-004 Vulnerability Remediation for My Image Garden for macOS and CUPS Printer Driver for macOS

CP2026-004 Vulnerability Remediation for My Image Garden for macOS and CUPS Printer Driver for macOS

May 28, 2026
Canon Inc.
 
 
Description
A vulnerability involving improper validation of symbolic links has been identified in the installers of My Image Garden for macOS and the CUPS Printer Driver for macOS.
If exploited during installation of the affected software, a third party with local access to and login privileges on the PC may use a specially crafted symbolic link to modify the permissions of files or directories for which they would not normally have authorization.
 
Affected Software
My Image Garden for macOS
CUPS Printer Driver for macOS
 
For details of affected software and versions, please refer to the website of your local Canon sales company.
 
Remediation
Software designed to address this issue is available from the website of your local Canon sales company. Customers are advised to install the latest software available for their region.
 
CVE/CVSS
CVE-2026-6891: Improper handling of symbolic links in the installer of My Image Garden for macOS
  CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N Base Score: 5.1
  CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N Base Score: 5.0

CVE-2026-6892: Improper handling of symbolic links in the installer of CUPS Printer Driver for macOS
  CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N Base Score: 5.1
  CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N Base Score: 5.0