Looks like it's CUPS, and it's now disclosed and no patch currently available(!). https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/
I recommend checking if CUPS is installed and bound to anything public:
Linux:
sudo ss -tulnp | grep cups | awk '{print $5, $7}'
Mac:
sudo lsof -nP -i -sTCP:LISTEN | grep cups
If you see "0.0.0.0:foo" or "[::]:foo" that means it's listening on a public network interface and you might want to change that (or just uninstall it). Definitely uninstall cups-browsed if you can.