7.5

CVE-2026-34711

CAI Content Credentials | Integer Overflow or Wraparound (CWE-190)

CAI Content Credentials versions c2pa-web@0.7.1, c2pa-v0.80.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AdobeC2pa SwPlatformrust Version <= 0.80.1
   AppleiPhone OS Version-
   ApplemacOS Version-
   GoogleAndroid Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
AdobeC2pa-web SwPlatformnode.js Version <= 0.7.1
   AppleiPhone OS Version-
   ApplemacOS Version-
   GoogleAndroid Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.43% 0.342
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
psirt@adobe.com 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

https://helpx.adobe.com/security/products/content-authenticity-sdk/apsb26-61.html
Vendor Advisory