CVE-2026-34677
MediumCVSS 6.2Exploitation Probability (EPSS)
Low risk1th percentile - higher than 1% of all known CVEs
Summary
CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition.
Risk Assessment
Exploitation of this issue could lead to significant disruptions in application functionality, impacting service availability for users. Additionally, the attack does not require user interaction, increasing the risk.
Recommendation
It is recommended to update to the latest version of CAI Content Credentials to mitigate this vulnerability. Also, monitor systems for unusual resource consumption.
Original NVD description (English source)
CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition. Exploitation of this issue does not require user interaction.

