CVE-2026-42950

MEDIUM CVSS 4.3 View on NVD ↗

Description

ELECOM wireless LAN access point devices do not check if language parameter has an appropriate value. If a user views a malicious page while logged in, the admin page on the user's web browser may become broken.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

References

https://jvn.jp/en/jp/JVN03037325/
https://www.elecom.co.jp/news/security/20260512-01/

Published: May 13, 2026 13:16 UTC Modified: May 13, 2026 15:47 UTC