Medium severity5.9NVD Advisory· Published Jan 9, 2026· Updated Apr 15, 2026
CVE-2026-21409
CVE-2026-21409
Description
Improper authorization vulnerability exists in RICOH Streamline NX 3.5.1 to 24R3. If a man-in-the-middle attack is conducted on the communication between the affected product and its user, and some crafted request is processed by the product, the user's registration information and/or OIDC (OpenID Connect) tokens may be retrieved.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: 3.5.1 to 24R3
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.