VYPR
Medium severity6.2NVD Advisory· Published May 12, 2026· Updated Jun 9, 2026

CVE-2026-34672

CVE-2026-34672

Description

CAI Content Credentials versions c2pa-web@0.7.0, c2pa-v0.78.2 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

Affected products

3
  • cpe:2.3:a:adobe:c2pa:*:*:*:*:*:rust:*:*+ 1 more
    • cpe:2.3:a:adobe:c2pa:*:*:*:*:*:rust:*:*range: <0.80.1
    • cpe:2.3:a:adobe:c2pa-web:*:*:*:*:*:node.js:*:*range: <0.7.1
  • Range: <=c2pa-web@0.7.0, c2pa-v0.78.2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.