CVE Catalog

CVE-2026-34673

MediumCVSS 6.2
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.01%

1th percentile - higher than 1% of all known CVEs

Summary

CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition.

Risk Assessment

Exploitation of this issue could lead to significant disruptions in application functionality, affecting service availability for users. The lack of user interaction required for exploitation increases the risk of attack.

Recommendation

It is recommended to update to the latest version of CAI Content Credentials to mitigate the risk associated with this vulnerability. Monitoring application resource consumption may also help in detecting potential attacks.

Original NVD description (English source)

CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition. Exploitation of this issue does not require user interaction.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS