Open Redirect Vulnerability in Ricoh Laser Printers and MFPs
CVE-2026-41226

5.1MEDIUM

Key Information:

Vendor: Ricoh Company, Ltd.
Status: Multiple Laser Printers And Mfps Which Implement Web Image Monitor
Vendor: CVE Published:; 30 April 2026

🔔 Create Ricoh Company, Ltd. Vulnerability Alert

What is CVE-2026-41226?

An open redirect vulnerability has been identified in various Ricoh laser printers and multifunction printers (MFPs) using the Ricoh Web Image Monitor. This vulnerability allows an attacker to craft a malicious URL that redirects users to an arbitrary website when accessed. This poses a significant risk as users may unknowingly become victims of phishing attacks, compromising their sensitive information. It's crucial for users and administrators to be aware of this vulnerability and apply necessary security measures.

Affected Version(s)

Multiple laser printers and MFPs which implement Web Image Monitor see the information provided by the vendor

References

https://www.ricoh.com/products/security/vulnerabilities/v...

https://jp.ricoh.com/security/products/vulnerabilities/vu...

https://jvn.jp/en/jp/JVN65118274/

CVSS V4

Score:

5.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

CVSS V3.0

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 30, 2026
Vulnerability Reserved
Apr 20, 2026

CVE-2026-41226 Data

JSON