CVE Field Guide
About Us
CVE-2026-9261
PUBLISHED
Assigner:
Canon
Reserved:
21.05.2026
Published:
15.06.2026
Updated:
15.06.2026
Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier
Metrics
CVSS 3.1
CVSS 4.0
CVSS Vector:
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
CVSS Score:
7.6
CVSS score
7.6
Exploitability Metrics
Vulnerable System Impact Metrics
Subsequent System Impact Metrics
Attack Vector
Network
Confidentiality
High
Confidentiality
None
Attack Complexity
High
Integrity
High
Integrity
None
Attack Requirements
None
Availability
None
Availability
None
Privileges Required
None
User Interaction
Passive
CVSS 4.0
CVSS Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
CVSS Score:
6.8
CVSS score
6.8
Attack Vector
Network
Scope
Unchanged
Attack Complexity
High
Confidentiality Impact
High
Privileges Required
None
Integrity Impact
High
User Interaction
Required
Availability Impact
None
CVSS 3.1
Product Status
Vendor
Canon Inc.
Product
EOS Network Setting Tool for Windows
Versions
Default:
unaffected
Version 1.5.0 or earlier is affected
Vendor
Canon Inc.
Product
EOS Network Setting Tool for macOS
Versions
Default:
unaffected
Version 1.5.0 or earlier is affected
Credits
This issue was discovered by Ryan Hausknecht (@haus3c)
finder
References
https://psirt.canon/advisory-information/cp2026-005/
https://canon.jp/support/support-info/260615vulnerability-response
https://www.usa.canon.com/about-us/to-our-customers/cpa2026-005-vulnerability-remediation-for-eos-network-setting-tool
https://www.canon-europe.com/support/product-security/
Problem Types
CWE-327: Use of a Broken or Risky Cryptographic Algorithm
CWE