Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    10 vulnerabilities found for eos_network_setting_tool by canon

    CVE-2026-9262 (GCVE-0-2026-9262)

    Vulnerability from nvd – Published: 2026-06-15 23:40 – Updated: 2026-06-16 15:01
    VLAI
    Summary
    Use of a non-secure protocol as the default FTP configuration in Canon EOS Network Setting Tool Version 1.5.0 or earlier
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1188 - Initialization of a resource with an insecure default
    Assigner
    Credits
    This issue was discovered by Ryan Hausknecht (@haus3c)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-9262",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T15:01:20.368197Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-16T15:01:31.260Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "EOS Network Setting Tool for Windows",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.5.0 or earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EOS Network Setting Tool for macOS",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.5.0 or earlier"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "This issue was discovered by Ryan Hausknecht (@haus3c)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Use of a non-secure protocol as the default FTP configuration in Canon EOS Network Setting Tool Version 1.5.0 or earlier"
                }
              ],
              "value": "Use of a non-secure protocol as the default FTP configuration in Canon EOS Network Setting Tool Version 1.5.0 or earlier"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1188",
                  "description": "CWE-1188 Initialization of a resource with an insecure default",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-15T23:40:15.216Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-005/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260615vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/about-us/to-our-customers/cpa2026-005-vulnerability-remediation-for-eos-network-setting-tool"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2026-9262",
        "datePublished": "2026-06-15T23:40:15.216Z",
        "dateReserved": "2026-05-21T23:14:55.152Z",
        "dateUpdated": "2026-06-16T15:01:31.260Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-9261 (GCVE-0-2026-9261)

    Vulnerability from nvd – Published: 2026-06-15 23:39 – Updated: 2026-06-18 03:55
    VLAI
    Summary
    Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
    Assigner
    Credits
    This issue was discovered by Ryan Hausknecht (@haus3c)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-9261",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-17T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-18T03:55:38.801Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "EOS Network Setting Tool for Windows",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.5.0 or earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EOS Network Setting Tool for macOS",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.5.0 or earlier"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "This issue was discovered by Ryan Hausknecht (@haus3c)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier"
                }
              ],
              "value": "Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 7.6,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-327",
                  "description": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-15T23:39:23.700Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-005/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260615vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/about-us/to-our-customers/cpa2026-005-vulnerability-remediation-for-eos-network-setting-tool"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2026-9261",
        "datePublished": "2026-06-15T23:39:23.700Z",
        "dateReserved": "2026-05-21T23:14:53.345Z",
        "dateUpdated": "2026-06-18T03:55:38.801Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-9260 (GCVE-0-2026-9260)

    Vulnerability from nvd – Published: 2026-06-15 23:38 – Updated: 2026-06-16 12:41
    VLAI
    Summary
    Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-321 - Use of hard-coded cryptographic key
    Assigner
    Credits
    This issue was discovered by Ryan Hausknecht (@haus3c)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-9260",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T12:41:33.426171Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-16T12:41:43.181Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "EOS Network Setting Tool for Windows",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.5.0 or earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EOS Network Setting Tool for macOS",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.5.0 or earlier"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "This issue was discovered by Ryan Hausknecht (@haus3c)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier"
                }
              ],
              "value": "Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-321",
                  "description": "CWE-321 Use of hard-coded cryptographic key",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-15T23:38:29.951Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-005/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260615vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/about-us/to-our-customers/cpa2026-005-vulnerability-remediation-for-eos-network-setting-tool"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2026-9260",
        "datePublished": "2026-06-15T23:38:29.951Z",
        "dateReserved": "2026-05-21T23:14:51.893Z",
        "dateUpdated": "2026-06-16T12:41:43.181Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-9259 (GCVE-0-2026-9259)

    Vulnerability from nvd – Published: 2026-06-15 23:36 – Updated: 2026-06-16 12:43
    VLAI
    Summary
    Improper validation of server certificates in Canon EOS Network Setting Tool Version 1.5.0 or earlier
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-295 - Improper certificate validation
    Assigner
    Credits
    This issue was discovered by Ryan Hausknecht (@haus3c)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-9259",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T12:43:13.289990Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-16T12:43:21.760Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "EOS Network Setting Tool for Windows",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.5.0 or earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EOS Network Setting Tool for macOS",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.5.0 or earlier"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "This issue was discovered by Ryan Hausknecht (@haus3c)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper validation of server certificates in Canon EOS Network Setting Tool Version 1.5.0 or earlier"
                }
              ],
              "value": "Improper validation of server certificates in Canon EOS Network Setting Tool Version 1.5.0 or earlier"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-295",
                  "description": "CWE-295 Improper certificate validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-15T23:36:28.761Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-005/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260615vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/about-us/to-our-customers/cpa2026-005-vulnerability-remediation-for-eos-network-setting-tool"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2026-9259",
        "datePublished": "2026-06-15T23:36:28.761Z",
        "dateReserved": "2026-05-21T23:14:50.204Z",
        "dateUpdated": "2026-06-16T12:43:21.760Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-9258 (GCVE-0-2026-9258)

    Vulnerability from nvd – Published: 2026-06-15 23:35 – Updated: 2026-06-16 12:47
    VLAI
    Summary
    Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-295 - Improper certificate validation
    Assigner
    Credits
    This issue was discovered by Ryan Hausknecht (@haus3c)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-9258",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T12:47:09.464807Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-16T12:47:23.858Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "EOS Network Setting Tool for Windows",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.5.0 or earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EOS Network Setting Tool for macOS",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.5.0 or earlier"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "This issue was discovered by Ryan Hausknecht (@haus3c)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier"
                }
              ],
              "value": "Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-295",
                  "description": "CWE-295 Improper certificate validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-15T23:35:41.442Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-005/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260615vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/about-us/to-our-customers/cpa2026-005-vulnerability-remediation-for-eos-network-setting-tool"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2026-9258",
        "datePublished": "2026-06-15T23:35:41.442Z",
        "dateReserved": "2026-05-21T23:14:48.638Z",
        "dateUpdated": "2026-06-16T12:47:23.858Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-9262 (GCVE-0-2026-9262)

    Vulnerability from cvelistv5 – Published: 2026-06-15 23:40 – Updated: 2026-06-16 15:01
    VLAI
    Summary
    Use of a non-secure protocol as the default FTP configuration in Canon EOS Network Setting Tool Version 1.5.0 or earlier
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1188 - Initialization of a resource with an insecure default
    Assigner
    Credits
    This issue was discovered by Ryan Hausknecht (@haus3c)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-9262",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T15:01:20.368197Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-16T15:01:31.260Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "EOS Network Setting Tool for Windows",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.5.0 or earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EOS Network Setting Tool for macOS",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.5.0 or earlier"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "This issue was discovered by Ryan Hausknecht (@haus3c)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Use of a non-secure protocol as the default FTP configuration in Canon EOS Network Setting Tool Version 1.5.0 or earlier"
                }
              ],
              "value": "Use of a non-secure protocol as the default FTP configuration in Canon EOS Network Setting Tool Version 1.5.0 or earlier"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1188",
                  "description": "CWE-1188 Initialization of a resource with an insecure default",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-15T23:40:15.216Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-005/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260615vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/about-us/to-our-customers/cpa2026-005-vulnerability-remediation-for-eos-network-setting-tool"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2026-9262",
        "datePublished": "2026-06-15T23:40:15.216Z",
        "dateReserved": "2026-05-21T23:14:55.152Z",
        "dateUpdated": "2026-06-16T15:01:31.260Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-9261 (GCVE-0-2026-9261)

    Vulnerability from cvelistv5 – Published: 2026-06-15 23:39 – Updated: 2026-06-18 03:55
    VLAI
    Summary
    Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
    Assigner
    Credits
    This issue was discovered by Ryan Hausknecht (@haus3c)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-9261",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-17T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-18T03:55:38.801Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "EOS Network Setting Tool for Windows",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.5.0 or earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EOS Network Setting Tool for macOS",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.5.0 or earlier"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "This issue was discovered by Ryan Hausknecht (@haus3c)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier"
                }
              ],
              "value": "Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 7.6,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-327",
                  "description": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-15T23:39:23.700Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-005/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260615vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/about-us/to-our-customers/cpa2026-005-vulnerability-remediation-for-eos-network-setting-tool"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2026-9261",
        "datePublished": "2026-06-15T23:39:23.700Z",
        "dateReserved": "2026-05-21T23:14:53.345Z",
        "dateUpdated": "2026-06-18T03:55:38.801Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-9260 (GCVE-0-2026-9260)

    Vulnerability from cvelistv5 – Published: 2026-06-15 23:38 – Updated: 2026-06-16 12:41
    VLAI
    Summary
    Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-321 - Use of hard-coded cryptographic key
    Assigner
    Credits
    This issue was discovered by Ryan Hausknecht (@haus3c)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-9260",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T12:41:33.426171Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-16T12:41:43.181Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "EOS Network Setting Tool for Windows",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.5.0 or earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EOS Network Setting Tool for macOS",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.5.0 or earlier"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "This issue was discovered by Ryan Hausknecht (@haus3c)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier"
                }
              ],
              "value": "Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-321",
                  "description": "CWE-321 Use of hard-coded cryptographic key",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-15T23:38:29.951Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-005/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260615vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/about-us/to-our-customers/cpa2026-005-vulnerability-remediation-for-eos-network-setting-tool"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2026-9260",
        "datePublished": "2026-06-15T23:38:29.951Z",
        "dateReserved": "2026-05-21T23:14:51.893Z",
        "dateUpdated": "2026-06-16T12:41:43.181Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-9259 (GCVE-0-2026-9259)

    Vulnerability from cvelistv5 – Published: 2026-06-15 23:36 – Updated: 2026-06-16 12:43
    VLAI
    Summary
    Improper validation of server certificates in Canon EOS Network Setting Tool Version 1.5.0 or earlier
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-295 - Improper certificate validation
    Assigner
    Credits
    This issue was discovered by Ryan Hausknecht (@haus3c)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-9259",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T12:43:13.289990Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-16T12:43:21.760Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "EOS Network Setting Tool for Windows",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.5.0 or earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EOS Network Setting Tool for macOS",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.5.0 or earlier"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "This issue was discovered by Ryan Hausknecht (@haus3c)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper validation of server certificates in Canon EOS Network Setting Tool Version 1.5.0 or earlier"
                }
              ],
              "value": "Improper validation of server certificates in Canon EOS Network Setting Tool Version 1.5.0 or earlier"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-295",
                  "description": "CWE-295 Improper certificate validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-15T23:36:28.761Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-005/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260615vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/about-us/to-our-customers/cpa2026-005-vulnerability-remediation-for-eos-network-setting-tool"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2026-9259",
        "datePublished": "2026-06-15T23:36:28.761Z",
        "dateReserved": "2026-05-21T23:14:50.204Z",
        "dateUpdated": "2026-06-16T12:43:21.760Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-9258 (GCVE-0-2026-9258)

    Vulnerability from cvelistv5 – Published: 2026-06-15 23:35 – Updated: 2026-06-16 12:47
    VLAI
    Summary
    Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-295 - Improper certificate validation
    Assigner
    Credits
    This issue was discovered by Ryan Hausknecht (@haus3c)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-9258",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-16T12:47:09.464807Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-16T12:47:23.858Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "EOS Network Setting Tool for Windows",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.5.0 or earlier"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "EOS Network Setting Tool for macOS",
              "vendor": "Canon Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.5.0 or earlier"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "This issue was discovered by Ryan Hausknecht (@haus3c)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier"
                }
              ],
              "value": "Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier"
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-295",
                  "description": "CWE-295 Improper certificate validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-15T23:35:41.442Z",
            "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
            "shortName": "Canon"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://psirt.canon/advisory-information/cp2026-005/"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://canon.jp/support/support-info/260615vulnerability-response"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.usa.canon.com/about-us/to-our-customers/cpa2026-005-vulnerability-remediation-for-eos-network-setting-tool"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.canon-europe.com/support/product-security/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "assignerShortName": "Canon",
        "cveId": "CVE-2026-9258",
        "datePublished": "2026-06-15T23:35:41.442Z",
        "dateReserved": "2026-05-21T23:14:48.638Z",
        "dateUpdated": "2026-06-16T12:47:23.858Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }