A vulnerability classified as critical was found in PaperCut NG and MF up to 24.1.8/25.0.9 . This affects an unknown function. The manipulation results in time-of-check time-of-use. This vulnerability is identified as CVE-2026-6180 . The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is advised.