CVE Catalog

CVE-2026-34672

MediumCVSS 6.2
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.01%

2th percentile - higher than 2% of all known CVEs

Summary

CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Integer Underflow vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application.

Risk Assessment

Exploitation of this issue may lead to application crashes, resulting in service unavailability for users. The attack does not require user interaction.

Recommendation

It is recommended to update to the latest version of CAI Content Credentials to mitigate this vulnerability. Monitoring application logs for potential attack attempts is also advisable.

Original NVD description (English source)

CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS