Search criteria
3084 vulnerabilities
CVE-2026-26050 (GCVE-0-2026-26050)
Vulnerability from cvelistv5 – Published: 2026-02-20 08:13 – Updated: 2026-02-20 13:45
VLAI?
Summary
The installer for ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツール versions prior to Ver.1.3.7 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrative privileges.
Severity ?
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ricoh Company, Ltd. | ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツール |
Affected:
versions prior to Ver.1.3.7
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-26050",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-20T13:45:28.617862Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-20T13:45:42.678Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "\u30b8\u30e7\u30d6\u30ed\u30b0\u96c6\u8a08/\u5206\u6790\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2 RICOH\u30b8\u30e7\u30d6\u30ed\u30b0\u96c6\u8a08\u30c4\u30fc\u30eb",
"vendor": "Ricoh Company, Ltd.",
"versions": [
{
"status": "affected",
"version": "versions prior to Ver.1.3.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The installer for \u30b8\u30e7\u30d6\u30ed\u30b0\u96c6\u8a08/\u5206\u6790\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2 RICOH\u30b8\u30e7\u30d6\u30ed\u30b0\u96c6\u8a08\u30c4\u30fc\u30eb versions prior to Ver.1.3.7 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrative privileges."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "Uncontrolled Search Path Element",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-20T08:13:31.884Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://support.ricoh.com/bbv2/html/dr_ut_d/ut/history/w/bb/pub_j/dr_ut_d/4101031/4101031555/V137/5260588/260588/history.htm"
},
{
"url": "https://jvn.jp/en/jp/JVN69531868/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-26050",
"datePublished": "2026-02-20T08:13:31.884Z",
"dateReserved": "2026-02-17T06:44:17.959Z",
"dateUpdated": "2026-02-20T13:45:42.678Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-26370 (GCVE-0-2026-26370)
Vulnerability from cvelistv5 – Published: 2026-02-20 07:42 – Updated: 2026-02-20 13:54
VLAI?
Summary
WordPress Plugin "Survey Maker" versions 5.1.7.7 and prior contain a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed in the user's web browser.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Cross-site scripting (XSS)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ays Pro | Survey Maker |
Affected:
5.1.7.7 and prior
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-26370",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-20T13:53:36.684086Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-20T13:54:24.585Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Survey Maker",
"vendor": "Ays Pro",
"versions": [
{
"status": "affected",
"version": "5.1.7.7 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WordPress Plugin \"Survey Maker\" versions 5.1.7.7 and prior contain a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed in the user\u0027s web browser."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross-site scripting (XSS)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-20T07:42:15.263Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://wordpress.org/plugins/survey-maker/"
},
{
"url": "https://jvn.jp/en/jp/JVN20049394/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-26370",
"datePublished": "2026-02-20T07:42:15.263Z",
"dateReserved": "2026-02-16T00:13:00.474Z",
"dateUpdated": "2026-02-20T13:54:24.585Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25108 (GCVE-0-2026-25108)
Vulnerability from cvelistv5 – Published: 2026-02-13 03:39 – Updated: 2026-02-13 13:09
VLAI?
Summary
FileZen contains an OS command injection vulnerability. When FileZen Antivirus Check Option is enabled, a logged-in user may send a specially crafted HTTP request to execute an arbitrary OS command.
Severity ?
CWE
- CWE-78 - Improper neutralization of special elements used in an OS command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Soliton Systems K.K. | FileZen |
Affected:
V5.0.0 to V5.0.10
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25108",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-13T13:08:19.124890Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-13T13:09:17.740Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "FileZen",
"vendor": "Soliton Systems K.K.",
"versions": [
{
"status": "affected",
"version": "V5.0.0 to V5.0.10"
}
]
},
{
"product": "FileZen",
"vendor": "Soliton Systems K.K.",
"versions": [
{
"status": "affected",
"version": "V4.2.1 to V4.2.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FileZen contains an OS command injection vulnerability. When FileZen Antivirus Check Option is enabled, a logged-in user may send a specially crafted HTTP request to execute an arbitrary OS command."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Improper neutralization of special elements used in an OS command (\u0027OS Command Injection\u0027)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-13T04:36:19.553Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.soliton.co.jp/support/2026/006657.html"
},
{
"url": "https://jvn.jp/en/jp/JVN84622767/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-25108",
"datePublished": "2026-02-13T03:39:03.795Z",
"dateReserved": "2026-01-30T11:03:04.608Z",
"dateUpdated": "2026-02-13T13:09:17.740Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25676 (GCVE-0-2026-25676)
Vulnerability from cvelistv5 – Published: 2026-02-12 04:26 – Updated: 2026-02-12 15:07
VLAI?
Summary
The installer of M-Track Duo HD version 1.0.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrator privileges.
Severity ?
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| M-Audio | M-Track Duo HD |
Affected:
1.0.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25676",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-12T15:07:05.662749Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-12T15:07:19.491Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "M-Track Duo HD",
"vendor": "M-Audio",
"versions": [
{
"status": "affected",
"version": "1.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The installer of M-Track Duo HD version 1.0.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrator privileges."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "Uncontrolled Search Path Element",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-12T04:26:04.933Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.m-audio.com/audio-midi-interfaces/m-track-duo-hd.html"
},
{
"url": "https://jvn.jp/en/jp/JVN88690363/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-25676",
"datePublished": "2026-02-12T04:26:04.933Z",
"dateReserved": "2026-02-05T00:21:20.346Z",
"dateUpdated": "2026-02-12T15:07:19.491Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24466 (GCVE-0-2026-24466)
Vulnerability from cvelistv5 – Published: 2026-02-09 06:59 – Updated: 2026-02-09 15:43
VLAI?
Summary
Products provided by Oki Electric Industry Co., Ltd. and its OEM products (Ricoh Co., Ltd., Murata Machinery, Ltd.) register Windows services with unquoted file paths. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege.
Severity ?
CWE
- CWE-428 - Unquoted search path or element
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Oki Electric Industry Co., Ltd. | See "References" section |
Affected:
See "References" section
|
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24466",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-09T15:43:38.709818Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-09T15:43:46.605Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "See \"References\" section",
"vendor": "Oki Electric Industry Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "See \"References\" section"
}
]
},
{
"product": "See \"References\" section",
"vendor": "Ricoh Company, Ltd.",
"versions": [
{
"status": "affected",
"version": "See \"References\" section"
}
]
},
{
"product": "See \"References\" section",
"vendor": "Murata Machinery, Ltd.",
"versions": [
{
"status": "affected",
"version": "See \"References\" section"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Products provided by Oki Electric Industry Co., Ltd. and its OEM products (Ricoh Co., Ltd., Murata Machinery, Ltd.) register Windows services with unquoted file paths. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "Unquoted search path or element",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-09T06:59:30.186Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.oki.com/jp/product_security/sa_2026_0001_en.html"
},
{
"url": "https://www.oki.com/jp/printing/support/important-information/2026/info-260209/index.html"
},
{
"url": "https://jp.ricoh.com/security/products/vulnerabilities/vul?id=ricoh-2026-000002"
},
{
"url": "https://www.muratec.jp/ce/support/announce_sp_20260209.html"
},
{
"url": "https://jvn.jp/en/jp/JVN55395471/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-24466",
"datePublished": "2026-02-09T06:59:30.186Z",
"dateReserved": "2026-01-23T00:31:37.485Z",
"dateUpdated": "2026-02-09T15:43:46.605Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25198 (GCVE-0-2026-25198)
Vulnerability from cvelistv5 – Published: 2026-02-05 07:38 – Updated: 2026-02-05 15:05
VLAI?
Summary
web2py versions 2.27.1-stable+timestamp.2023.11.16.08.03.57 and prior contain an open redirect vulnerability. If this vulnerability is exploited, the user may be redirected to an arbitrary website when accessing a specially crafted URL. As a result, the user may become a victim of a phishing attack.
Severity ?
4.7 (Medium)
CWE
- CWE-601 - URL redirection to untrusted site ('Open Redirect')
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25198",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-05T15:05:09.512715Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T15:05:15.192Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "web2py",
"vendor": "web2py",
"versions": [
{
"status": "affected",
"version": "2.27.1-stable+timestamp.2023.11.16.08.03.57 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "web2py versions 2.27.1-stable+timestamp.2023.11.16.08.03.57 and prior contain an open redirect vulnerability. If this vulnerability is exploited, the user may be redirected to an arbitrary website when accessing a specially crafted URL. As a result, the user may become a victim of a phishing attack."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "URL redirection to untrusted site (\u0027Open Redirect\u0027)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T07:38:31.763Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://github.com/web2py/web2py/commit/b4e1ddbd6d40fb30863f6263a67bcdf411a0c6df"
},
{
"url": "https://github.com/web2py/web2py/releases"
},
{
"url": "https://web2py.com/"
},
{
"url": "https://jvn.jp/en/jp/JVN46925341/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-25198",
"datePublished": "2026-02-05T07:38:31.763Z",
"dateReserved": "2026-01-30T02:36:15.737Z",
"dateUpdated": "2026-02-05T15:05:15.192Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24447 (GCVE-0-2026-24447)
Vulnerability from cvelistv5 – Published: 2026-02-04 07:04 – Updated: 2026-02-04 15:55
VLAI?
Summary
If a malformed data is input to the affected product, a CSV file downloaded from the affected product may contain such malformed data. When a victim user download and open such a CSV file, the embedded code may be executed in the user's environment. Note that Movable Type 7 series and 8.4 series, which are End-of-Life (EOL), are affected by the vulnerability as well.
Severity ?
6.5 (Medium)
CWE
- CWE-1236 - Improper neutralization of formula elements in a CSV file
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Six Apart Ltd. | Movable Type (Software Edition) |
Affected:
9.0.4 to 9.0.5 (9.0 series)
Affected: 8.8.0 to 8.8.1 (8.8 series) Affected: 8.0.2 to 8.0.8 (8.0 series) |
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24447",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-04T15:55:19.585103Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T15:55:26.690Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Movable Type (Software Edition)",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "9.0.4 to 9.0.5 (9.0 series)"
},
{
"status": "affected",
"version": "8.8.0 to 8.8.1 (8.8 series)"
},
{
"status": "affected",
"version": "8.0.2 to 8.0.8 (8.0 series)"
}
]
},
{
"product": "Movable Type Advanced (Software Edition)",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "9.0.4 to 9.0.5 (9.0 series)"
},
{
"status": "affected",
"version": "8.8.0 to 8.8.1 (8.8 series)"
},
{
"status": "affected",
"version": "8.0.2 to 8.0.8 (8.0 series)"
}
]
},
{
"product": "Movable Type Premium (Software Edition)",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "9.0.4 (MTP 9.0 series)"
},
{
"status": "affected",
"version": "2.13 and earlier (MTP 2 series)"
}
]
},
{
"product": "Movable Type Premium (Advanced Edition) (Software Edition)",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "9.0.4 (MTP 9.0 series)"
},
{
"status": "affected",
"version": "2.13 and earlier (MTP 2 series)"
}
]
},
{
"product": "Movable Type (Cloud Edition)",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "9.0.5 (9 series)"
},
{
"status": "affected",
"version": "8.8.1 (8 series)"
}
]
},
{
"product": "Movable Type Premium (Cloud Edition)",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "9.0.5 (9 series)"
},
{
"status": "affected",
"version": "2.12 (MTP 2 series)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "If a malformed data is input to the affected product, a CSV file downloaded from the affected product may contain such malformed data. When a victim user download and open such a CSV file, the embedded code may be executed in the user\u0027s environment. Note that Movable Type 7 series and 8.4 series, which are End-of-Life (EOL), are affected by the vulnerability as well."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1236",
"description": "Improper neutralization of formula elements in a CSV file",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T07:04:04.422Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://movabletype.org/news/2026/02/mt-906-released.html"
},
{
"url": "https://www.sixapart.jp/movabletype/news/2026/02/04-1100.html"
},
{
"url": "https://jvn.jp/en/jp/JVN45405689/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-24447",
"datePublished": "2026-02-04T07:04:04.422Z",
"dateReserved": "2026-01-29T02:02:27.800Z",
"dateUpdated": "2026-02-04T15:55:26.690Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23704 (GCVE-0-2026-23704)
Vulnerability from cvelistv5 – Published: 2026-02-04 07:03 – Updated: 2026-02-04 16:07
VLAI?
Summary
A non-administrative user can upload malicious files. When an administrator or the product accesses that file, an arbitrary script may be executed on the administrator's browser. Note that Movable Type 7 series and 8.4 series, which are End-of-Life (EOL), are affected by the vulnerability as well.
Severity ?
6.5 (Medium)
CWE
- CWE-434 - Unrestricted upload of file with dangerous type
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Six Apart Ltd. | Movable Type (Software Edition) |
Affected:
9.0.4 to 9.0.5 (9.0 series)
Affected: 8.8.0 to 8.8.1 (8.8 series) Affected: 8.0.2 to 8.0.8 (8.0 series) |
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23704",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-04T16:07:20.323679Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T16:07:28.812Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Movable Type (Software Edition)",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "9.0.4 to 9.0.5 (9.0 series)"
},
{
"status": "affected",
"version": "8.8.0 to 8.8.1 (8.8 series)"
},
{
"status": "affected",
"version": "8.0.2 to 8.0.8 (8.0 series)"
}
]
},
{
"product": "Movable Type Advanced (Software Edition)",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "9.0.4 to 9.0.5 (9.0 series)"
},
{
"status": "affected",
"version": "8.8.0 to 8.8.1 (8.8 series)"
},
{
"status": "affected",
"version": "8.0.2 to 8.0.8 (8.0 series)"
}
]
},
{
"product": "Movable Type Premium (Software Edition)",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "9.0.4 (MTP 9.0 series)"
},
{
"status": "affected",
"version": "2.13 and earlier (MTP 2 series)"
}
]
},
{
"product": "Movable Type Premium (Advanced Edition) (Software Edition)",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "9.0.4 (MTP 9.0 series)"
},
{
"status": "affected",
"version": "2.13 and earlier (MTP 2 series)"
}
]
},
{
"product": "Movable Type (Cloud Edition)",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "9.0.5 (9 series)"
},
{
"status": "affected",
"version": "8.8.1 (8 series)"
}
]
},
{
"product": "Movable Type Premium (Cloud Edition)",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "9.0.5 (9 series)"
},
{
"status": "affected",
"version": "2.12 (MTP 2 series)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A non-administrative user can upload malicious files. When an administrator or the product accesses that file, an arbitrary script may be executed on the administrator\u0027s browser. Note that Movable Type 7 series and 8.4 series, which are End-of-Life (EOL), are affected by the vulnerability as well."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "Unrestricted upload of file with dangerous type",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T07:03:37.889Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://movabletype.org/news/2026/02/mt-906-released.html"
},
{
"url": "https://www.sixapart.jp/movabletype/news/2026/02/04-1100.html"
},
{
"url": "https://jvn.jp/en/jp/JVN45405689/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-23704",
"datePublished": "2026-02-04T07:03:37.889Z",
"dateReserved": "2026-01-29T02:02:31.425Z",
"dateUpdated": "2026-02-04T16:07:28.812Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22875 (GCVE-0-2026-22875)
Vulnerability from cvelistv5 – Published: 2026-02-04 07:03 – Updated: 2026-02-04 16:08
VLAI?
Summary
Movable Type contains a stored cross-site scripting vulnerability in Export Sites. If crafted input is stored by an attacker, arbitrary script may be executed on a logged-in user's web browser. Note that Movable Type 7 series and 8.4 series, which are End-of-Life (EOL), are affected by the vulnerability as well.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Cross-site scripting (XSS)
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Six Apart Ltd. | Movable Type (Software Edition) |
Affected:
9.0.4 to 9.0.5 (9.0 series)
Affected: 8.8.0 to 8.8.1 (8.8 series) Affected: 8.0.2 to 8.0.8 (8.0 series) |
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22875",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-04T16:07:52.134565Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T16:08:00.768Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Movable Type (Software Edition)",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "9.0.4 to 9.0.5 (9.0 series)"
},
{
"status": "affected",
"version": "8.8.0 to 8.8.1 (8.8 series)"
},
{
"status": "affected",
"version": "8.0.2 to 8.0.8 (8.0 series)"
}
]
},
{
"product": "Movable Type Advanced (Software Edition)",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "9.0.4 to 9.0.5 (9.0 series)"
},
{
"status": "affected",
"version": "8.8.0 to 8.8.1 (8.8 series)"
},
{
"status": "affected",
"version": "8.0.2 to 8.0.8 (8.0 series)"
}
]
},
{
"product": "Movable Type Premium (Software Edition)",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "9.0.4 (MTP 9.0 series)"
},
{
"status": "affected",
"version": "2.13 and earlier (MTP 2 series)"
}
]
},
{
"product": "Movable Type Premium (Advanced Edition) (Software Edition)",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "9.0.4 (MTP 9.0 series)"
},
{
"status": "affected",
"version": "2.13 and earlier (MTP 2 series)"
}
]
},
{
"product": "Movable Type (Cloud Edition)",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "9.0.5 (9 series)"
},
{
"status": "affected",
"version": "8.8.1 (8 series)"
}
]
},
{
"product": "Movable Type Premium (Cloud Edition)",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "9.0.5 (9 series)"
},
{
"status": "affected",
"version": "2.12 (MTP 2 series)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Movable Type contains a stored cross-site scripting vulnerability in Export Sites. If crafted input is stored by an attacker, arbitrary script may be executed on a logged-in user\u0027s web browser. Note that Movable Type 7 series and 8.4 series, which are End-of-Life (EOL), are affected by the vulnerability as well."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross-site scripting (XSS)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T07:03:01.475Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://movabletype.org/news/2026/02/mt-906-released.html"
},
{
"url": "https://www.sixapart.jp/movabletype/news/2026/02/04-1100.html"
},
{
"url": "https://jvn.jp/en/jp/JVN45405689/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-22875",
"datePublished": "2026-02-04T07:03:01.475Z",
"dateReserved": "2026-01-29T02:02:30.407Z",
"dateUpdated": "2026-02-04T16:08:00.768Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-21393 (GCVE-0-2026-21393)
Vulnerability from cvelistv5 – Published: 2026-02-04 07:02 – Updated: 2026-02-04 16:08
VLAI?
Summary
Movable Type contains a stored cross-site scripting vulnerability in Edit Comment. If crafted input is stored by an attacker, arbitrary script may be executed on a logged-in user's web browser. Note that Movable Type 7 series and 8.4 series, which are End-of-Life (EOL), are affected by the vulnerability as well.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Cross-site scripting (XSS)
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Six Apart Ltd. | Movable Type (Software Edition) |
Affected:
9.0.4 to 9.0.5 (9.0 series)
Affected: 8.8.0 to 8.8.1 (8.8 series) Affected: 8.0.2 to 8.0.8 (8.0 series) |
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21393",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-04T16:08:19.248184Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T16:08:26.340Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Movable Type (Software Edition)",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "9.0.4 to 9.0.5 (9.0 series)"
},
{
"status": "affected",
"version": "8.8.0 to 8.8.1 (8.8 series)"
},
{
"status": "affected",
"version": "8.0.2 to 8.0.8 (8.0 series)"
}
]
},
{
"product": "Movable Type Advanced (Software Edition)",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "9.0.4 to 9.0.5 (9.0 series)"
},
{
"status": "affected",
"version": "8.8.0 to 8.8.1 (8.8 series)"
},
{
"status": "affected",
"version": "8.0.2 to 8.0.8 (8.0 series)"
}
]
},
{
"product": "Movable Type Premium (Software Edition)",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "9.0.4 (MTP 9.0 series)"
},
{
"status": "affected",
"version": "2.13 and earlier (MTP 2 series)"
}
]
},
{
"product": "Movable Type Premium (Advanced Edition) (Software Edition)",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "9.0.4 (MTP 9.0 series)"
},
{
"status": "affected",
"version": "2.13 and earlier (MTP 2 series)"
}
]
},
{
"product": "Movable Type (Cloud Edition)",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "9.0.5 (9 series)"
},
{
"status": "affected",
"version": "8.8.1 (8 series)"
}
]
},
{
"product": "Movable Type Premium (Cloud Edition)",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "9.0.5 (9 series)"
},
{
"status": "affected",
"version": "2.12 (MTP 2 series)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Movable Type contains a stored cross-site scripting vulnerability in Edit Comment. If crafted input is stored by an attacker, arbitrary script may be executed on a logged-in user\u0027s web browser. Note that Movable Type 7 series and 8.4 series, which are End-of-Life (EOL), are affected by the vulnerability as well."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross-site scripting (XSS)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T07:02:50.465Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://movabletype.org/news/2026/02/mt-906-released.html"
},
{
"url": "https://www.sixapart.jp/movabletype/news/2026/02/04-1100.html"
},
{
"url": "https://jvn.jp/en/jp/JVN45405689/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-21393",
"datePublished": "2026-02-04T07:02:50.465Z",
"dateReserved": "2026-01-29T02:02:32.381Z",
"dateUpdated": "2026-02-04T16:08:26.340Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24465 (GCVE-0-2026-24465)
Vulnerability from cvelistv5 – Published: 2026-02-03 06:57 – Updated: 2026-02-03 15:47
VLAI?
Summary
Stack-based buffer overflow vulnerability exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution.
Severity ?
9.8 (Critical)
CWE
- CWE-121 - Stack-based buffer overflow
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ELECOM CO.,LTD. | WAB-S733IW2-PD |
Affected:
v5.5.00 and earlier versions
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24465",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-03T15:47:14.941854Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-03T15:47:24.584Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "WAB-S733IW2-PD",
"vendor": "ELECOM CO.,LTD.",
"versions": [
{
"status": "affected",
"version": "v5.5.00 and earlier versions"
}
]
},
{
"product": "WAB-S733IW-AC",
"vendor": "ELECOM CO.,LTD.",
"versions": [
{
"status": "affected",
"version": "v5.5.00 and earlier versions"
}
]
},
{
"product": "WAB-S733IW-PD",
"vendor": "ELECOM CO.,LTD.",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "WAB-S300IW2-PD",
"vendor": "ELECOM CO.,LTD.",
"versions": [
{
"status": "affected",
"version": "v5.5.00 and earlier versions"
}
]
},
{
"product": "WAB-S300IW-AC",
"vendor": "ELECOM CO.,LTD.",
"versions": [
{
"status": "affected",
"version": "v5.5.00 and earlier versions"
}
]
},
{
"product": "WAB-S300IW-PD",
"vendor": "ELECOM CO.,LTD.",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow vulnerability exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based buffer overflow",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-03T06:57:51.704Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.elecom.co.jp/news/security/20260203-01/"
},
{
"url": "https://www.elecom.co.jp/news/security/20260203-02/"
},
{
"url": "https://jvn.jp/en/jp/JVN94012927/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-24465",
"datePublished": "2026-02-03T06:57:51.704Z",
"dateReserved": "2026-01-30T01:42:43.398Z",
"dateUpdated": "2026-02-03T15:47:24.584Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24449 (GCVE-0-2026-24449)
Vulnerability from cvelistv5 – Published: 2026-02-03 06:57 – Updated: 2026-02-03 15:54
VLAI?
Summary
For WRC-X1500GS-B and WRC-X1500GSA-B, the initial passwords can be calculated easily from the system information.
Severity ?
4.6 (Medium)
CWE
- CWE-1391 - Use of weak credentials
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ELECOM CO.,LTD. | WRC-X1500GS-B |
Affected:
all versions
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24449",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-03T15:53:54.600516Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-03T15:54:07.198Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "WRC-X1500GS-B",
"vendor": "ELECOM CO.,LTD.",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"product": "WRC-X1500GSA-B",
"vendor": "ELECOM CO.,LTD.",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "For WRC-X1500GS-B and WRC-X1500GSA-B, the initial passwords can be calculated easily from the system information."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1391",
"description": "Use of weak credentials",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-03T06:57:20.505Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.elecom.co.jp/news/security/20260203-01/"
},
{
"url": "https://jvn.jp/en/jp/JVN94012927/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-24449",
"datePublished": "2026-02-03T06:57:20.505Z",
"dateReserved": "2026-01-30T01:42:46.700Z",
"dateUpdated": "2026-02-03T15:54:07.198Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22550 (GCVE-0-2026-22550)
Vulnerability from cvelistv5 – Published: 2026-02-03 06:56 – Updated: 2026-02-03 15:55
VLAI?
Summary
OS command injection vulnerability exists in WRC-X1500GS-B and WRC-X1500GSA-B. A crafted request from a logged-in user may lead to an arbitrary OS command execution.
Severity ?
CWE
- CWE-78 - Improper neutralization of special elements used in an OS command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ELECOM CO.,LTD. | WRC-X1500GS-B |
Affected:
v1.12 and earlier versions
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22550",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-03T15:55:01.293499Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-03T15:55:14.398Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "WRC-X1500GS-B",
"vendor": "ELECOM CO.,LTD.",
"versions": [
{
"status": "affected",
"version": "v1.12 and earlier versions"
}
]
},
{
"product": "WRC-X1500GSA-B",
"vendor": "ELECOM CO.,LTD.",
"versions": [
{
"status": "affected",
"version": "v1.12 and earlier versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OS command injection vulnerability exists in WRC-X1500GS-B and WRC-X1500GSA-B. A crafted request from a logged-in user may lead to an arbitrary OS command execution."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Improper neutralization of special elements used in an OS command (\u0027OS Command Injection\u0027)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-03T06:56:59.277Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.elecom.co.jp/news/security/20260203-01/"
},
{
"url": "https://jvn.jp/en/jp/JVN94012927/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-22550",
"datePublished": "2026-02-03T06:56:59.277Z",
"dateReserved": "2026-01-30T01:42:48.683Z",
"dateUpdated": "2026-02-03T15:55:14.398Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20704 (GCVE-0-2026-20704)
Vulnerability from cvelistv5 – Published: 2026-02-03 06:56 – Updated: 2026-02-03 15:56
VLAI?
Summary
Cross-site request forgery vulnerability exists in WRC-X1500GS-B and WRC-X1500GSA-B. If a user accesses a malicious page while logged-in to the affected product, unintended operations may be performed.
Severity ?
4.3 (Medium)
CWE
- CWE-352 - Cross-site request forgery (CSRF)
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ELECOM CO.,LTD. | WRC-X1500GS-B |
Affected:
v1.12 and earlier versions
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20704",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-03T15:55:57.052296Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-03T15:56:26.479Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "WRC-X1500GS-B",
"vendor": "ELECOM CO.,LTD.",
"versions": [
{
"status": "affected",
"version": "v1.12 and earlier versions"
}
]
},
{
"product": "WRC-X1500GSA-B",
"vendor": "ELECOM CO.,LTD.",
"versions": [
{
"status": "affected",
"version": "v1.12 and earlier versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery vulnerability exists in WRC-X1500GS-B and WRC-X1500GSA-B. If a user accesses a malicious page while logged-in to the affected product, unintended operations may be performed."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "Cross-site request forgery (CSRF)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-03T06:56:42.019Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.elecom.co.jp/news/security/20260203-01/"
},
{
"url": "https://jvn.jp/en/jp/JVN94012927/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-20704",
"datePublished": "2026-02-03T06:56:42.019Z",
"dateReserved": "2026-01-30T01:42:47.600Z",
"dateUpdated": "2026-02-03T15:56:26.479Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24694 (GCVE-0-2026-24694)
Vulnerability from cvelistv5 – Published: 2026-02-03 05:27 – Updated: 2026-02-03 16:01
VLAI?
Summary
The installer for Roland Cloud Manager ver.3.1.19 and prior insecurely loads Dynamic Link Libraries (DLLs), which could allow an attacker to execute arbitrary code with the privileges of the application.
Severity ?
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Roland Corporation | Roland Cloud Manager |
Affected:
ver.3.1.19 and prior
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24694",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-03T16:00:02.719792Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-03T16:01:27.410Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Roland Cloud Manager",
"vendor": "Roland Corporation",
"versions": [
{
"status": "affected",
"version": "ver.3.1.19 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The installer for Roland Cloud Manager ver.3.1.19 and prior insecurely loads Dynamic Link Libraries (DLLs), which could allow an attacker to execute arbitrary code with the privileges of the application."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "Uncontrolled Search Path Element",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-03T05:27:56.739Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.roland.com/global/products/rc_roland_cloud_manager/support/#dl-support_documents"
},
{
"url": "https://jvn.jp/en/jp/JVN89992160/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-24694",
"datePublished": "2026-02-03T05:27:56.739Z",
"dateReserved": "2026-01-27T04:24:11.368Z",
"dateUpdated": "2026-02-03T16:01:27.410Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22888 (GCVE-0-2026-22888)
Vulnerability from cvelistv5 – Published: 2026-02-02 06:37 – Updated: 2026-02-02 16:28
VLAI?
Summary
Improper input verification issue exists in Cybozu Garoon 5.0.0 to 6.0.3, which may lead to unauthorized alteration of portal settings, potentially blocking access to the product.
Severity ?
4.9 (Medium)
CWE
- CWE-231 - Improper handling of extra values
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cybozu, Inc. | Cybozu Garoon |
Affected:
5.0.0 to 6.0.3
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22888",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-02T15:13:27.952765Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-02T16:28:09.211Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cybozu Garoon",
"vendor": "Cybozu, Inc.",
"versions": [
{
"status": "affected",
"version": "5.0.0 to 6.0.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input verification issue exists in Cybozu Garoon 5.0.0 to 6.0.3, which may lead to unauthorized alteration of portal settings, potentially blocking access to the product."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-231",
"description": "Improper handling of extra values",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-02T06:37:33.802Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://kb.cybozu.support/article/39083/"
},
{
"url": "https://jvn.jp/en/jp/JVN35265756/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-22888",
"datePublished": "2026-02-02T06:37:33.802Z",
"dateReserved": "2026-01-27T00:34:57.984Z",
"dateUpdated": "2026-02-02T16:28:09.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22881 (GCVE-0-2026-22881)
Vulnerability from cvelistv5 – Published: 2026-02-02 06:37 – Updated: 2026-02-02 16:28
VLAI?
Summary
Cross-site scripting vulnerability exists in Message function of Cybozu Garoon 5.15.0 to 6.0.3, which may allow an attacker to reset arbitrary users’ passwords.
Severity ?
5.7 (Medium)
CWE
- CWE-79 - Cross-site scripting (XSS)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cybozu, Inc. | Cybozu Garoon |
Affected:
5.15.0 to 6.0.3
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22881",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-02T15:13:50.929520Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-02T16:28:15.355Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cybozu Garoon",
"vendor": "Cybozu, Inc.",
"versions": [
{
"status": "affected",
"version": "5.15.0 to 6.0.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability exists in Message function of Cybozu Garoon 5.15.0 to 6.0.3, which may allow an attacker to reset arbitrary users\u2019 passwords."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross-site scripting (XSS)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-02T06:37:17.621Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://kb.cybozu.support/article/39084/"
},
{
"url": "https://jvn.jp/en/jp/JVN35265756/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-22881",
"datePublished": "2026-02-02T06:37:17.621Z",
"dateReserved": "2026-01-27T00:34:57.021Z",
"dateUpdated": "2026-02-02T16:28:15.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20711 (GCVE-0-2026-20711)
Vulnerability from cvelistv5 – Published: 2026-02-02 06:37 – Updated: 2026-02-02 16:28
VLAI?
Summary
Cross-site scripting vulnerability exists in E-mail function of Cybozu Garoon 5.0.0 to 6.0.3, which may allow an attacker to reset arbitrary users’ passwords.
Severity ?
6.5 (Medium)
CWE
- CWE-79 - Cross-site scripting (XSS)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cybozu, Inc. | Cybozu Garoon |
Affected:
5.0.0 to 6.0.3
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20711",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-02T16:05:10.499383Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-02T16:28:24.555Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cybozu Garoon",
"vendor": "Cybozu, Inc.",
"versions": [
{
"status": "affected",
"version": "5.0.0 to 6.0.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability exists in E-mail function of Cybozu Garoon 5.0.0 to 6.0.3, which may allow an attacker to reset arbitrary users\u2019 passwords."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross-site scripting (XSS)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-02T06:37:05.017Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://kb.cybozu.support/article/39081/"
},
{
"url": "https://jvn.jp/en/jp/JVN35265756/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-20711",
"datePublished": "2026-02-02T06:37:05.017Z",
"dateReserved": "2026-01-27T00:30:57.072Z",
"dateUpdated": "2026-02-02T16:28:24.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24788 (GCVE-0-2026-24788)
Vulnerability from cvelistv5 – Published: 2026-02-02 04:37 – Updated: 2026-02-02 16:28
VLAI?
Summary
RaspAP raspap-webgui versions prior to 3.3.6 contain an OS command injection vulnerability. If exploited, an arbitrary OS command may be executed by a user who can log in to the product.
Severity ?
CWE
- CWE-78 - Improper neutralization of special elements used in an OS command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| RaspAP | raspap-webgui |
Affected:
versions prior to 3.3.6
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24788",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-02T16:26:17.187810Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-02T16:28:56.718Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "raspap-webgui",
"vendor": "RaspAP",
"versions": [
{
"status": "affected",
"version": "versions prior to 3.3.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "RaspAP raspap-webgui versions prior to 3.3.6 contain an OS command injection vulnerability. If exploited, an arbitrary OS command may be executed by a user who can log in to the product."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Improper neutralization of special elements used in an OS command (\u0027OS Command Injection\u0027)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-02T04:37:03.392Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://github.com/RaspAP/raspap-webgui/releases"
},
{
"url": "https://jvn.jp/en/jp/JVN27202136/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-24788",
"datePublished": "2026-02-02T04:37:03.392Z",
"dateReserved": "2026-01-27T00:21:50.072Z",
"dateUpdated": "2026-02-02T16:28:56.718Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24714 (GCVE-0-2026-24714)
Vulnerability from cvelistv5 – Published: 2026-01-30 03:53 – Updated: 2026-01-30 17:59 Unsupported When Assigned
VLAI?
Summary
Some end of service NETGEAR products provide "TelnetEnable" functionality, which allows a magic packet to activate telnet service on the box.
Severity ?
CWE
- CWE-1242 - Inclusion of undocumented features or chicken bits
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NETGEAR | NETGEAR products |
Affected:
versions which provide "TelnetEnable" functionality
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24714",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-30T17:59:24.138913Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-30T17:59:45.410Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "NETGEAR products",
"vendor": "NETGEAR",
"versions": [
{
"status": "affected",
"version": "versions which provide \"TelnetEnable\" functionality"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Some end of service NETGEAR products provide \"TelnetEnable\" functionality, which allows a magic packet to activate telnet service on the box."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1242",
"description": "Inclusion of undocumented features or chicken bits",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-30T03:53:30.144Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.netgear.com/about/eos/"
},
{
"url": "https://jvn.jp/en/jp/JVN46722282/"
}
],
"tags": [
"unsupported-when-assigned"
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-24714",
"datePublished": "2026-01-30T03:53:30.144Z",
"dateReserved": "2026-01-26T05:24:46.172Z",
"dateUpdated": "2026-01-30T17:59:45.410Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-55704 (GCVE-0-2025-55704)
Vulnerability from cvelistv5 – Published: 2026-01-29 02:41 – Updated: 2026-01-29 17:55
VLAI?
Summary
Hidden functionality issue exists in multiple MFPs provided by Brother Industries, Ltd., which may allow an attacker to obtain the logs of the affected product and obtain sensitive information within the logs.
Severity ?
5.3 (Medium)
CWE
- CWE-912 - Hidden functionality
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Brother Industries, Ltd. | Multiple MFPs |
Affected:
see the information provided by the vendor
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-55704",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-29T17:55:30.752261Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-29T17:55:42.308Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Multiple MFPs",
"vendor": "Brother Industries, Ltd.",
"versions": [
{
"status": "affected",
"version": "see the information provided by the vendor"
}
]
},
{
"product": "Multiple MFPs",
"vendor": "Konica Minolta, Inc.",
"versions": [
{
"status": "affected",
"version": "see the information provided by the vendor"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Hidden functionality issue exists in multiple MFPs provided by Brother Industries, Ltd., which may allow an attacker to obtain the logs of the affected product and obtain sensitive information within the logs."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-912",
"description": "Hidden functionality",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-29T02:41:30.640Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://faq.brother.co.jp/app/answers/detail/a_id/13716"
},
{
"url": "https://www.konicaminolta.com/global-en/security/advisory/pdf/km-2026-0001.pdf"
},
{
"url": "https://jvn.jp/en/vu/JVNVU92878805/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2025-55704",
"datePublished": "2026-01-29T02:41:30.640Z",
"dateReserved": "2025-11-18T23:31:06.243Z",
"dateUpdated": "2026-01-29T17:55:42.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-53869 (GCVE-0-2025-53869)
Vulnerability from cvelistv5 – Published: 2026-01-29 02:40 – Updated: 2026-01-29 19:56
VLAI?
Summary
Multiple MFPs provided by Brother Industries, Ltd. does not properly validate server certificates, which may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with a set of arbitrary certificates.
Severity ?
CWE
- CWE-295 - Improper certificate validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Brother Industries, Ltd. | Multiple MFPs |
Affected:
see the information provided by the vendor
|
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53869",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-29T19:56:17.144679Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-29T19:56:34.917Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Multiple MFPs",
"vendor": "Brother Industries, Ltd.",
"versions": [
{
"status": "affected",
"version": "see the information provided by the vendor"
}
]
},
{
"product": "Multiple MFPs",
"vendor": "Konica Minolta, Inc.",
"versions": [
{
"status": "affected",
"version": "see the information provided by the vendor"
}
]
},
{
"product": "Multiple MFPs",
"vendor": "Ricoh Company, Ltd.",
"versions": [
{
"status": "affected",
"version": "see the information provided by the vendor"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple MFPs provided by Brother Industries, Ltd. does not properly validate server certificates, which may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with a set of arbitrary certificates."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "Improper certificate validation",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-29T02:40:57.255Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://faq.brother.co.jp/app/answers/detail/a_id/13716"
},
{
"url": "https://www.konicaminolta.com/global-en/security/advisory/pdf/km-2026-0001.pdf"
},
{
"url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2026-000001"
},
{
"url": "https://jvn.jp/en/vu/JVNVU92878805/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2025-53869",
"datePublished": "2026-01-29T02:40:57.255Z",
"dateReserved": "2025-11-18T23:31:03.274Z",
"dateUpdated": "2026-01-29T19:56:34.917Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-21408 (GCVE-0-2026-21408)
Vulnerability from cvelistv5 – Published: 2026-01-27 05:08 – Updated: 2026-01-27 20:50
VLAI?
Summary
beat-access for Windows version 3.0.3 and prior contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with SYSTEM privileges.
Severity ?
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| FUJIFILM Business Innovation Corp. | beat-access for Windows |
Affected:
version 3.0.3 and prior
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21408",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-27T20:50:01.275607Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-27T20:50:14.682Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "beat-access for Windows",
"vendor": "FUJIFILM Business Innovation Corp.",
"versions": [
{
"status": "affected",
"version": "version 3.0.3 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "beat-access for Windows version 3.0.3 and prior contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with SYSTEM privileges."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "Uncontrolled Search Path Element",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-27T05:08:20.229Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.fujifilm.com/fbglobal/eng/company/news/notice/2026/0127_announce.html"
},
{
"url": "https://jvn.jp/en/jp/JVN03776126/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-21408",
"datePublished": "2026-01-27T05:08:20.229Z",
"dateReserved": "2026-01-19T06:37:18.443Z",
"dateUpdated": "2026-01-27T20:50:14.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23699 (GCVE-0-2026-23699)
Vulnerability from cvelistv5 – Published: 2026-01-22 01:41 – Updated: 2026-01-22 17:39
VLAI?
Summary
AP180 series with firmware versions prior to AP_RGOS 11.9(4)B1P8 contains an OS command injection vulnerability. If this vulnerability is exploited, arbitrary commands may be executed on the devices.
Severity ?
CWE
- CWE-78 - Improper neutralization of special elements used in an OS command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Ruijie Networks Co., Ltd. | AP180(JA) V1.xx |
Affected:
prior to AP_RGOS 11.9(4)B1P8
|
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23699",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-22T17:33:57.826150Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-22T17:39:43.926Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "AP180(JA) V1.xx",
"vendor": "Ruijie Networks Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "prior to AP_RGOS 11.9(4)B1P8"
}
]
},
{
"product": "AP180(JP) V1.xx",
"vendor": "Ruijie Networks Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "prior to AP_RGOS 11.9(4)B1P8"
}
]
},
{
"product": "AP180-AC V1.xx",
"vendor": "Ruijie Networks Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "prior to AP_RGOS 11.9(4)B1P8"
}
]
},
{
"product": "AP180-PE V1.xx",
"vendor": "Ruijie Networks Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "prior to AP_RGOS 11.9(4)B1P8"
}
]
},
{
"product": "AP180(JA) V2.xx",
"vendor": "Ruijie Networks Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "prior to AP_RGOS 11.9(4)B1P8"
}
]
},
{
"product": "AP180-AC V2.xx",
"vendor": "Ruijie Networks Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "prior to AP_RGOS 11.9(4)B1P8"
}
]
},
{
"product": "AP180-PE V2.xx",
"vendor": "Ruijie Networks Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "prior to AP_RGOS 11.9(4)B1P8"
}
]
},
{
"product": "AP180-AC V3.xx",
"vendor": "Ruijie Networks Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "prior to AP_RGOS 11.9(4)B1P8"
}
]
},
{
"product": "AP180-PE V3.xx",
"vendor": "Ruijie Networks Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "prior to AP_RGOS 11.9(4)B1P8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AP180 series with firmware versions prior to AP_RGOS 11.9(4)B1P8 contains an OS command injection vulnerability. If this vulnerability is exploited, arbitrary commands may be executed on the devices."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Improper neutralization of special elements used in an OS command (\u0027OS Command Injection\u0027)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-22T01:41:22.386Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.ruijie.co.jp/products/rg-ap180-pe_p432111650928590848.html#productDocument"
},
{
"url": "https://jvn.jp/en/jp/JVN86850670/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-23699",
"datePublished": "2026-01-22T01:41:22.386Z",
"dateReserved": "2026-01-15T01:07:48.781Z",
"dateUpdated": "2026-01-22T17:39:43.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24016 (GCVE-0-2026-24016)
Vulnerability from cvelistv5 – Published: 2026-01-21 07:19 – Updated: 2026-01-21 14:28
VLAI?
Summary
The installer of ServerView Agents for Windows provided by Fsas Technologies Inc. may insecurely load Dynamic Link Libraries. Arbitrary code may be executed with the administrator privilege when the installer is executed.
Severity ?
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fsas Technologies Inc. | ServerView Agents for Windows |
Affected:
V11.50.06 and earlier
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24016",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-21T14:28:05.334267Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T14:28:14.172Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ServerView Agents for Windows",
"vendor": "Fsas Technologies Inc.",
"versions": [
{
"status": "affected",
"version": "V11.50.06 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The installer of ServerView Agents for Windows provided by Fsas Technologies Inc. may insecurely load Dynamic Link Libraries. Arbitrary code may be executed with the administrator privilege when the installer is executed."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "Uncontrolled Search Path Element",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T07:19:03.236Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.fsastech.com/ja-jp/resources/security/2026/0121.html"
},
{
"url": "https://jvn.jp/en/jp/JVN65211823/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-24016",
"datePublished": "2026-01-21T07:19:03.236Z",
"dateReserved": "2026-01-20T05:13:56.618Z",
"dateUpdated": "2026-01-21T14:28:14.172Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22876 (GCVE-0-2026-22876)
Vulnerability from cvelistv5 – Published: 2026-01-16 08:17 – Updated: 2026-01-16 13:45
VLAI?
Summary
Path Traversal vulnerability exists in multiple Network Cameras TRIFORA 3 series provided by TOA Corporation. If this vulnerability is exploited, arbitrary files on the affected product may be retrieved by a logged-in user with the low("monitoring user") or higher privilege.
Severity ?
CWE
- CWE-22 - Improper limitation of a pathname to a restricted directory ('Path Traversal')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| TOA Corporation | Multiple Network Cameras TRIFORA 3 series |
Affected:
see the information provided by the vendor
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22876",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-16T13:44:54.173842Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-16T13:45:02.768Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Multiple Network Cameras TRIFORA 3 series",
"vendor": "TOA Corporation",
"versions": [
{
"status": "affected",
"version": "see the information provided by the vendor"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Path Traversal vulnerability exists in multiple Network Cameras TRIFORA 3 series provided by TOA Corporation. If this vulnerability is exploited, arbitrary files on the affected product may be retrieved by a logged-in user with the low(\"monitoring user\") or higher privilege."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Improper limitation of a pathname to a restricted directory (\u0027Path Traversal\u0027)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-16T08:17:13.902Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.toa-products.com/securityinfo/pdf/tv2025-001jp.pdf"
},
{
"url": "https://jvn.jp/en/jp/JVN08087148/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-22876",
"datePublished": "2026-01-16T08:17:13.902Z",
"dateReserved": "2026-01-14T04:14:36.610Z",
"dateUpdated": "2026-01-16T13:45:02.768Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20894 (GCVE-0-2026-20894)
Vulnerability from cvelistv5 – Published: 2026-01-16 08:16 – Updated: 2026-01-16 13:45
VLAI?
Summary
Cross-site scripting vulnerability exists in multiple Network Cameras TRIFORA 3 series provided by TOA Corporation. If an attacking administrator configures the affected product with some malicious input, an arbitrary script may be executed on the web browser of a victim administrator who accesses the setting screen.
Severity ?
4.8 (Medium)
CWE
- CWE-79 - Cross-site scripting (XSS)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| TOA Corporation | Multiple Network Cameras TRIFORA 3 series |
Affected:
see the information provided by the vendor
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20894",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-16T13:45:23.693883Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-16T13:45:31.792Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Multiple Network Cameras TRIFORA 3 series",
"vendor": "TOA Corporation",
"versions": [
{
"status": "affected",
"version": "see the information provided by the vendor"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability exists in multiple Network Cameras TRIFORA 3 series provided by TOA Corporation. If an attacking administrator configures the affected product with some malicious input, an arbitrary script may be executed on the web browser of a victim administrator who accesses the setting screen."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross-site scripting (XSS)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-16T08:16:57.696Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.toa-products.com/securityinfo/pdf/tv2025-001jp.pdf"
},
{
"url": "https://jvn.jp/en/jp/JVN08087148/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-20894",
"datePublished": "2026-01-16T08:16:57.696Z",
"dateReserved": "2026-01-14T04:14:33.376Z",
"dateUpdated": "2026-01-16T13:45:31.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20759 (GCVE-0-2026-20759)
Vulnerability from cvelistv5 – Published: 2026-01-16 08:16 – Updated: 2026-01-16 13:45
VLAI?
Summary
OS Command Injection vulnerability exists in multiple Network Cameras TRIFORA 3 series provided by TOA Corporation, which may allow a logged-in user with the low("monitoring user") or higher privilege to execute an arbitrary OS command.
Severity ?
CWE
- CWE-78 - Improper neutralization of special elements used in an OS command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| TOA Corporation | Multiple Network Cameras TRIFORA 3 series |
Affected:
see the information provided by the vendor
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20759",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-16T13:45:46.734639Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-16T13:45:56.900Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Multiple Network Cameras TRIFORA 3 series",
"vendor": "TOA Corporation",
"versions": [
{
"status": "affected",
"version": "see the information provided by the vendor"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OS Command Injection vulnerability exists in multiple Network Cameras TRIFORA 3 series provided by TOA Corporation, which may allow a logged-in user with the low(\"monitoring user\") or higher privilege to execute an arbitrary OS command."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Improper neutralization of special elements used in an OS command (\u0027OS Command Injection\u0027)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-16T08:16:45.444Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.toa-products.com/securityinfo/pdf/tv2025-001jp.pdf"
},
{
"url": "https://jvn.jp/en/jp/JVN08087148/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-20759",
"datePublished": "2026-01-16T08:16:45.444Z",
"dateReserved": "2026-01-14T04:14:37.678Z",
"dateUpdated": "2026-01-16T13:45:56.900Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-68492 (GCVE-0-2025-68492)
Vulnerability from cvelistv5 – Published: 2026-01-14 06:27 – Updated: 2026-01-15 17:24
VLAI?
Summary
Chainlit versions prior to 2.8.5 contain an authorization bypass through user-controlled key vulnerability. If this vulnerability is exploited, threads may be viewed or thread ownership may be obtained by an attacker who can log in to the product.
Severity ?
CWE
- CWE-639 - Authorization bypass through user-controlled key
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68492",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-15T17:24:22.331411Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-15T17:24:34.226Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Chainlit",
"vendor": "Chainlit",
"versions": [
{
"status": "affected",
"version": "prior to 2.8.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Chainlit versions prior to 2.8.5 contain an authorization bypass through user-controlled key vulnerability. If this vulnerability is exploited, threads may be viewed or thread ownership may be obtained by an attacker who can log in to the product."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "Authorization bypass through user-controlled key",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T06:27:14.846Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://github.com/Chainlit/chainlit/releases"
},
{
"url": "https://jvn.jp/en/jp/JVN34964581/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2025-68492",
"datePublished": "2026-01-14T06:27:14.846Z",
"dateReserved": "2025-12-19T04:48:45.762Z",
"dateUpdated": "2026-01-15T17:24:34.226Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-21409 (GCVE-0-2026-21409)
Vulnerability from cvelistv5 – Published: 2026-01-09 07:15 – Updated: 2026-01-09 18:11
VLAI?
Summary
Improper authorization vulnerability exists in RICOH Streamline NX 3.5.1 to 24R3. If a man-in-the-middle attack is conducted on the communication between the affected product and its user, and some crafted request is processed by the product, the user's registration information and/or OIDC (OpenID Connect) tokens may be retrieved.
Severity ?
CWE
- CWE-639 - Authorization bypass through user-controlled key
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ricoh Company, Ltd. | RICOH Streamline NX |
Affected:
3.5.1 to 24R3
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21409",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-09T18:11:32.736478Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T18:11:55.373Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "RICOH Streamline NX",
"vendor": "Ricoh Company, Ltd.",
"versions": [
{
"status": "affected",
"version": "3.5.1 to 24R3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper authorization vulnerability exists in RICOH Streamline NX 3.5.1 to 24R3. If a man-in-the-middle attack is conducted on the communication between the affected product and its user, and some crafted request is processed by the product, the user\u0027s registration information and/or OIDC (OpenID Connect) tokens may be retrieved."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "Authorization bypass through user-controlled key",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T07:15:52.994Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2025-000011"
},
{
"url": "https://jvn.jp/en/jp/JVN12770174/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2026-21409",
"datePublished": "2026-01-09T07:15:52.994Z",
"dateReserved": "2025-12-24T07:24:57.904Z",
"dateUpdated": "2026-01-09T18:11:55.373Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}