CVE-2026-56809
MediumCVSS 6.1Exploitation Probability (EPSS)
Low risk8th percentile — higher than 8% of all known CVEs
Summary
Multiple laser printers and MFPs implementing Ricoh Web Image Monitor contain a reflected cross-site scripting vulnerability. An attacker can exploit this flaw to execute arbitrary scripts in the browser of a user accessing Web Image Monitor.
Risk Assessment
The risk includes session hijacking, credential theft, or unauthorized actions performed within the context of the device administrator's session.
Recommendation
Immediately update the Web Image Monitor software to the latest version provided by the vendor and restrict access to the management interface to trusted networks only.
Original NVD description (English source)
Multiple laser printers and MFPs (multifunction printers) which implement Ricoh Web Image Monitor contain a reflected cross-site scripting vulnerability. An arbitrary script may be executed on the web browser of the user who accesses Web Image Monitor.

