CVE-2026-34688
MediumCVSS 6.2Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition.
Risk Assessment
Exploitation of this issue could lead to application crashes, resulting in service unavailability for users. Since the attack does not require user interaction, the risk is significant.
Recommendation
It is recommended to update to the latest version of CAI Content Credentials to mitigate this vulnerability. Additionally, implementing application monitoring to quickly detect and respond to potential attacks is advisable.
Original NVD description (English source)
CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

