DLL Path Vulnerability in RICOH’s Log Analysis Tool
CVE-2026-26050

8.4HIGH

Key Information:

Vendor: Ricoh Company, Ltd.
Status: ジョブログ集計/分析ソフトウェア Ricohジョブログ集計ツール
Vendor: CVE Published:; 20 February 2026

🔔 Create Ricoh Company, Ltd. Vulnerability Alert

What is CVE-2026-26050?

The installer for RICOH’s log analysis software contains a vulnerability related to the search path for Dynamic Link Libraries (DLLs). This issue allows for insecure loading of DLLs, which could potentially result in arbitrary code execution with administrative privileges. Malicious actors could exploit this flaw to execute harmful code, significantly compromising the integrity and security of affected systems. It is crucial for users of this software to upgrade to version 1.3.7 or later to mitigate these risks.

Affected Version(s)

ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツール versions prior to Ver.1.3.7

References

https://support.ricoh.com/bbv2/html/dr_ut_d/ut/history/w/...

https://jvn.jp/en/jp/JVN69531868/

CVSS V4

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

CVSS V3.0

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 20, 2026
Vulnerability Reserved
Feb 17, 2026

CVE-2026-26050 Data

JSON