GCVE - cpe:2.3:a:ricoh_company,_ltd.:ricoh_streamline

Approved changes feed: RSS · Atom

cpe:2.3:a:ricoh_company,_ltd.:ricoh_streamline_nx:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Ricoh Company, Ltd. (`8c218467-a8cb-505f-ae89-b66f55ead3ea`)
Product	Ricoh Streamline Nx (`49dc6696-f93c-5f57-ac6c-621fe7946572`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2026-21409`	vulnerable	2026-06-08 07:49:16.344061	Details available MEDIUM (5.9) Improper authorization vulnerability exists in RICOH Streamline NX 3.5.1 to 24R3. If a man-in-the-middle attack is conducted on the communication between the affected product and its user, and some crafted request is processed by the product, the user's registration information and/or OIDC (OpenID Connect) tokens may be retrieved. Published: 2026-01-09T07:15:52.994Z Updated: 2026-01-09T18:11:55.373Z Open on db.gcve.eu Reference links https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2025-000011 https://jvn.jp/en/jp/JVN12770174/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-58422`	vulnerable	2026-06-08 07:35:18.239623	Details available LOW (3.1) RICOH Streamline NX versions 3.5.1 to 24R3 are vulnerable to tampering with operation history. If an attacker can perform a man-in-the-middle attack, they may alter the values of HTTP requests, which could result in tampering with the operation history of the product’s management tool. Published: 2025-09-08T04:43:01.703Z Updated: 2025-09-08T18:38:49.856Z Open on db.gcve.eu Reference links https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2025-000010 https://jvn.jp/en/jp/JVN75307484/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-41439`	vulnerable	2026-06-08 07:25:07.066132	Details available MEDIUM (6.1) A reflected cross-site scripting vulnerability via a specific parameter exists in SLNX Help Documentation of RICOH Streamline NX. If this vulnerability is exploited, an arbitrary script may be executed in the web browser of the user who accessed the product. Published: 2025-06-30T09:16:19.377Z Updated: 2025-06-30T15:12:29.712Z Open on db.gcve.eu Reference links https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2025-000008 https://jvn.jp/en/jp/JVN24333956/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Ricoh Streamline Nx

PURL mappings

Vulnerability references

Contribute