CVE-2026-7824

UNKNOWN 0.0

PaperCut Hive (Ricoh): Plain text password in logs

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

An issue was discovered in the PaperCut Hive Ricoh embedded application. When the "Deep Logging" (diagnostic) mode is enabled, the application inadvertently records administrative credentials in plain text within the log files. An attacker with administrative access to the PaperCut Hive management portal could remotely enable deep logging and subsequently retrieve sensitive device passwords from the logs after an authorized user authenticates at the device. This exposure allows for the lateral movement or unauthorized configuration of the physical print hardware.

CWE	CWE-532
Vendor	papercut
Product	papercut hive
Published	May 5, 2026

Stay Ahead of the Next One

Get instant alerts for papercut papercut hive

Be the first to know when new unknown vulnerabilities affecting papercut papercut hive are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

PaperCut / PaperCut Hive

0 < 2.2.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

papercut.com: https://www.papercut.com/kb/Main/papercut-ng-mf-and-papercut-hive-security-bulletin-may-2026/

Credits

🔍 Hayden Moore