← Back to CVEs
CVE-2026-21409
N/ADescription
Improper authorization vulnerability exists in RICOH Streamline NX 3.5.1 to 24R3. If a man-in-the-middle attack is conducted on the communication between the affected product and its user, and some crafted request is processed by the product, the user's registration information and/or OIDC (OpenID Connect) tokens may be retrieved.
CVE Details
CVSS v3.1 ScoreN/A
Published1/9/2026
Last Modified1/13/2026
Sourcenvd
Honeypot Sightings0
Weaknesses (CWE)
CWE-639
References
https://jvn.jp/en/jp/JVN12770174/(vultures@jpcert.or.jp)
https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2025-000011(vultures@jpcert.or.jp)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.