{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5115", "assignerOrgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4", "state": "PUBLISHED", "assignerShortName": "PaperCut", "dateReserved": "2026-03-29T22:32:07.583Z", "datePublished": "2026-03-31T00:54:48.889Z", "dateUpdated": "2026-03-31T13:59:35.485Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4", "shortName": "PaperCut", "dateUpdated": "2026-03-31T01:08:05.715Z"}, "title": "Session hijacking in PaperCut NG/MF embedded application for Konica Minolta devices", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-319", "description": "CWE-319 Cleartext transmission of sensitive information", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-593", "descriptions": [{"lang": "en", "value": "CAPEC-593 Session Hijacking"}]}], "affected": [{"vendor": "PaperCut", "product": "Papercut NG/MF", "versions": [{"status": "affected", "version": "0", "lessThan": "25.0.5", "versionType": "semver"}, {"status": "affected", "version": "0", "lessThan": "25.0.9 (KM certified)", "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The PaperCut NG/MF (specifically, the embedded application for Konica Minolta devices) is vulnerable to session hijacking. The PaperCut NG/MF Embedded application is a software interface that runs directly on the touch screen of a multi-function device.\n\nIt was internally discovered that the communication channel between the embedded application and the server was insecure, which could leak data including sensitive information that may be used to mount an \u00a0attack on the device.\u00a0Such an attack could potentially be used to steal data or to perform a phishing attack on the end user.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>The PaperCut NG/MF (specifically, the embedded application for Konica Minolta devices) is vulnerable to session hijacking. The PaperCut NG/MF Embedded application is a software interface that runs directly on the touch screen of a multi-function device.</p><p><span>It was internally discovered that the communication channel between the embedded application and the server was insecure, which could leak data including sensitive information that may be used to mount an &nbsp;attack on the device.</span><span>&nbsp;Such an attack could potentially be used to steal data or to perform a phishing attack on the end user.</span></p>"}]}], "references": [{"url": "https://www.papercut.com/kb/Main/papercut-ng-mf-security-bulletin-march-2026/"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "ADJACENT", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "UNREPORTED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "LOW", "baseScore": 3.6, "vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:U"}}], "credits": [{"lang": "en", "value": "Xavier Gibbon", "type": "finder"}], "source": {"discovery": "INTERNAL"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-31T13:59:29.117987Z", "id": "CVE-2026-5115", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-31T13:59:35.485Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-5115", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-31T13:59:29.117987Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-31T13:59:32.773Z"}}], "cna": {"title": "Session hijacking in PaperCut NG/MF embedded application for Konica Minolta devices", "source": {"discovery": "INTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Xavier Gibbon"}], "impacts": [{"capecId": "CAPEC-593", "descriptions": [{"lang": "en", "value": "CAPEC-593 Session Hijacking"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 3.6, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "LOW", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:U", "exploitMaturity": "UNREPORTED", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "PaperCut", "product": "Papercut NG/MF", "versions": [{"status": "affected", "version": "0", "lessThan": "25.0.5", "versionType": "semver"}, {"status": "affected", "version": "0", "lessThan": "25.0.9 (KM certified)", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.papercut.com/kb/Main/papercut-ng-mf-security-bulletin-march-2026/"}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "The PaperCut NG/MF (specifically, the embedded application for Konica Minolta devices) is vulnerable to session hijacking. The PaperCut NG/MF Embedded application is a software interface that runs directly on the touch screen of a multi-function device.\n\nIt was internally discovered that the communication channel between the embedded application and the server was insecure, which could leak data including sensitive information that may be used to mount an \u00a0attack on the device.\u00a0Such an attack could potentially be used to steal data or to perform a phishing attack on the end user.", "supportingMedia": [{"type": "text/html", "value": "<p>The PaperCut NG/MF (specifically, the embedded application for Konica Minolta devices) is vulnerable to session hijacking. The PaperCut NG/MF Embedded application is a software interface that runs directly on the touch screen of a multi-function device.</p><p><span>It was internally discovered that the communication channel between the embedded application and the server was insecure, which could leak data including sensitive information that may be used to mount an &nbsp;attack on the device.</span><span>&nbsp;Such an attack could potentially be used to steal data or to perform a phishing attack on the end user.</span></p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-319", "description": "CWE-319 Cleartext transmission of sensitive information"}]}], "providerMetadata": {"orgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4", "shortName": "PaperCut", "dateUpdated": "2026-03-31T01:08:05.715Z"}}}, "cveMetadata": {"cveId": "CVE-2026-5115", "state": "PUBLISHED", "dateUpdated": "2026-03-31T13:59:35.485Z", "dateReserved": "2026-03-29T22:32:07.583Z", "assignerOrgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4", "datePublished": "2026-03-31T00:54:48.889Z", "assignerShortName": "PaperCut"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*", "matchCriteriaId": "52A24870-BFAD-4E33-92AE-1267F5576D5A", "versionEndExcluding": "25.0.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:papercut:papercut_mf_konica_minolta:*:*:*:*:*:*:*:*", "matchCriteriaId": "92C27467-EBCE-41E0-BFD3-02D04100EC27", "versionEndExcluding": "25.0.9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The PaperCut NG/MF (specifically, the embedded application for Konica Minolta devices) is vulnerable to session hijacking. The PaperCut NG/MF Embedded application is a software interface that runs directly on the touch screen of a multi-function device.\n\nIt was internally discovered that the communication channel between the embedded application and the server was insecure, which could leak data including sensitive information that may be used to mount an \u00a0attack on the device.\u00a0Such an attack could potentially be used to steal data or to perform a phishing attack on the end user."}, {"lang": "es", "value": "El PaperCut NG/MF (espec\u00edficamente, la aplicaci\u00f3n integrada para dispositivos Konica Minolta) es vulnerable al secuestro de sesi\u00f3n. La aplicaci\u00f3n integrada de PaperCut NG/MF es una interfaz de software que se ejecuta directamente en la pantalla t\u00e1ctil de un dispositivo multifunci\u00f3n.\n\nSe descubri\u00f3 internamente que el canal de comunicaci\u00f3n entre la aplicaci\u00f3n integrada y el servidor era inseguro, lo que podr\u00eda filtrar datos, incluida informaci\u00f3n sensible que podr\u00eda usarse para montar un ataque en el dispositivo. Dicho ataque podr\u00eda usarse potencialmente para robar datos o para realizar un ataque de phishing en el usuario final."}], "id": "CVE-2026-5115", "lastModified": "2026-04-03T18:11:36.917", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "ADJACENT", "availabilityRequirement": "NOT_DEFINED", "baseScore": 3.6, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "UNREPORTED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "eb41dac7-0af8-4f84-9f6d-0272772514f4", "type": "Secondary"}]}, "published": "2026-03-31T01:16:36.900", "references": [{"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4", "tags": ["Vendor Advisory"], "url": "https://www.papercut.com/kb/Main/papercut-ng-mf-security-bulletin-march-2026/"}], "sourceIdentifier": "eb41dac7-0af8-4f84-9f6d-0272772514f4", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-319"}], "source": "eb41dac7-0af8-4f84-9f6d-0272772514f4", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,25.0.5)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,25.0.9)"}}], "enrichment": {"confidence": 93.0, "confidence_source": "matching", "scores": [{"score": 93.0, "source": "matching"}]}, "original": {"product": "Papercut NG/MF", "source": "cna", "vendor": "PaperCut"}, "product": "papercut_mf", "vendor": "papercut"}], "analysis": {"en": {"generated_at": "2026-03-31T05:54:18.401394+00:00", "value": {"mitigation_remediation": ["Download and install the latest PaperCut NG/MF security update for Konica Minolta devices from the vendor\u2019s website.", "If no update is available, reconfigure the embedded application to use a secure, encrypted transport such as HTTPS or VPN when communicating with the server.", "Verify that all client\u2011server communications between the embedded app and server are conducted over TLS and that certificates are properly validated.", "Enable logging of session creation and termination events on the device and review logs for anomalous activity.", "Educate users on recognizing phishing emails or messages that might be delivered through compromised sessions."], "summary": {"action": "Patch", "impact": "Session Hijacking"}, "threat_synthesis": {"affected_systems": "Affected systems include the PaperCut NG/MF Embedded application that runs directly on the touch screen of Konica Minolta multi\u2011function devices. The vendor identifies the product as PaperCut NG/MF; specific firmware or software version information is not disclosed in the advisories, so any installation of the embedded application on Konica Minolta devices that uses this communication path is potentially vulnerable.", "description_and_impact": "The vulnerability stems from an insecure communication channel between the PaperCut NG/MF embedded application and its server on Konica Minolta devices. Because this channel does not encrypt data, it can leak sensitive information, enabling an attacker to hijack user sessions. The attacker could then steal data or use the hijacked session to deliver phishing messages to end users. This weakness corresponds to the Common Weakness Enumeration CWE\u2013319, which addresses the cleartext transmission of sensitive information.", "risk_and_exploitability": "The CVSS score of 3.6 indicates a moderate severity, and the exploit probability is currently unknown because EPSS data is not available. It is not listed in the CISA Known Exploited Vulnerabilities catalog. The vulnerability is likely exploitable by an adversary who can observe or manipulate the unencrypted traffic between the device and the server, either from a remote position or from a compromised local network. Once a session token is captured, the attacker can hijack the session to access sensitive data or conduct phishing attacks against users."}}}}, "created": "2026-03-31T19:56:36.966267+00:00", "updated": "2026-04-03T09:10:38.919587+00:00", "vendors": ["papercut", "papercut$PRODUCT$papercut_mf"]}