CVE-2026-34671
MediumCVSS 6.2Exploitation Probability (EPSS)
Low risk1th percentile - higher than 1% of all known CVEs
Summary
CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition without user interaction.
Risk Assessment
Exploitation of this vulnerability could lead to application crashes, resulting in denial-of-service for users. Organizations may experience downtime and loss of access to critical functionalities.
Recommendation
It is recommended to update to the latest version of CAI Content Credentials to mitigate this vulnerability. Monitoring the application for unauthorized access attempts is also advisable.
Original NVD description (English source)
CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

