VYPR
Medium severity6.2NVD Advisory· Published May 12, 2026· Updated Jun 9, 2026

CVE-2026-34673

CVE-2026-34673

Description

CAI Content Credentials versions c2pa-web@0.7.0, c2pa-v0.78.2 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition. Exploitation of this issue does not require user interaction.

Affected products

3
  • cpe:2.3:a:adobe:c2pa:*:*:*:*:*:rust:*:*+ 1 more
    • cpe:2.3:a:adobe:c2pa:*:*:*:*:*:rust:*:*range: <0.80.1
    • cpe:2.3:a:adobe:c2pa-web:*:*:*:*:*:node.js:*:*range: <0.7.1
  • Range: <=c2pa-web@0.7.0, c2pa-v0.78.2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.