CVE-2026-42948

MEDIUM NVD

CVSS Score 4.8

Severity MEDIUM

Published May 13, 2026

Vendor unknown

Description

Stored cross-site scripting vulnerability exists in ELECOM wireless LAN access point devices. If one of the administrators input malicious data, an arbitrary script may be executed in another administrative user's web browser.

References

https://jvn.jp/en/jp/JVN03037325/
https://www.elecom.co.jp/news/security/20260512-01/