CVE-2026-9258
6.5 MEDIUMImproper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier
Published: 2026-06-16 · Last updated: 2026-06-16
Severity and scoring
- CVSS
- 6.5 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
- CWE
- CWE-295
Description
Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-9258
- [Other]https://canon.jp/support/support-info/260615vulnerability-response
- [Other]https://psirt.canon/advisory-information/cp2026-005/
- [Other]https://www.canon-europe.com/support/product-security/
- [Other]https://www.usa.canon.com/about-us/to-our-customers/cpa2026-005-vulnerability-remediation-for-eos-network-setting-tool
Related CVEs
Same CWE
- CVE-2025-71261 — An attacker with network-level access between the SUSE Virtualization and Rancher Manager in SUSE Harvester before 1.8.0 could interfere... (8.6 HIGH)
- CVE-2026-9259 — Improper validation of server certificates in Canon EOS Network Setting Tool Version 1.5.0 or earlier (6.5 MEDIUM)
- CVE-2026-45388 — In OCaml-TLS before 2.1.0, the client implementation does insufficient checks of the certificate provided by the server, which allows imp... (9.1 CRITICAL)
- CVE-2026-45170 — Idira Privilege Cloud Connector versions prior 1.1.100504 under specific conditions and configuration scenarios, TLS certificate validati...
- CVE-2026-45175 — Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within internal agent validation processes