CVE-2026-48302

Summary

CAI Content Credentials is affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

Affected Software

VendorProductVersion RangeStatus
AdobeContent Credentials Rust SDK0 <= c2pa-v0.84.0affected
AdobeContent Credentials Rust SDKc2pa-v0.85.2unaffected
AdobeContent Credentials Command-Line Tool0 <= c2patool-v0.16.5affected
AdobeContent Credentials Command-Line Toolc2patool-v0.26.65unaffected
AdobeContent Credentials JS SDK0 <= @contentauth/c2pa-web@0.7.0affected
AdobeContent Credentials JS SDK@contentauth/c2pa-web@0.9.0unaffected

Weaknesses

  • CWE-20: Improper Input Validation (CWE-20)

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References