Skip to main content

C2Pa Web

12 CVEs product

Monthly

CVE-2026-48357 MEDIUM This Month

CAI Content Credentials is affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition. Exploitation of this issue does not require user interaction.

Denial Of Service C2Pa C2Pa Web C2Patool
NVD
CVSS 3.1
6.2
EPSS
0.2%
CVE-2026-48354 MEDIUM This Month

CAI Content Credentials is affected by an Integer Overflow or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

Denial Of Service Integer Overflow C2Pa C2Pa Web C2Patool
NVD
CVSS 3.1
6.2
EPSS
0.2%
CVE-2026-48353 MEDIUM This Month

CAI Content Credentials is affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access scope. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Information Disclosure C2Pa C2Pa Web C2Patool
NVD VulDB
CVSS 3.1
5.5
EPSS
0.2%
CVE-2026-48352 HIGH This Week

CAI Content Credentials is affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

Denial Of Service C2Pa C2Pa Web C2Patool
NVD VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2026-48351 HIGH This Week

CAI Content Credentials is affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

Denial Of Service C2Pa C2Pa Web C2Patool
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2026-48312 MEDIUM This Month

CAI Content Credentials is affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploitation of this issue does not require user interaction.

Authentication Bypass C2Pa C2Pa Web C2Patool
NVD
CVSS 3.1
6.8
EPSS
0.2%
CVE-2026-48302 MEDIUM This Month

CAI Content Credentials is affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

Denial Of Service C2Pa C2Pa Web C2Patool
NVD VulDB
CVSS 3.1
6.2
EPSS
0.2%
CVE-2026-48298 MEDIUM This Month

CAI Content Credentials is affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

Denial Of Service Integer Overflow C2Pa C2Pa Web C2Patool
NVD
CVSS 3.1
6.2
EPSS
0.2%
CVE-2026-48296 MEDIUM This Month

CAI Content Credentials is affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

Denial Of Service Integer Overflow C2Pa C2Pa Web C2Patool
NVD VulDB
CVSS 3.1
6.2
EPSS
0.2%
CVE-2026-48295 HIGH This Week

CAI Content Credentials is affected by an Insufficiently Protected Credentials vulnerability that could result in disclosure of sensitive information. An attacker could leverage this vulnerability to gain unauthorized read access. Exploitation of this issue does not require user interaction.

Information Disclosure C2Pa C2Pa Web C2Patool
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2026-48290 HIGH This Week

CAI Content Credentials is affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated access or control over the victim's account or session. Exploitation of this issue requires user interaction in that a victim must visit a maliciously crafted URL or interact with a compromised web page. Scope is changed.

SSRF RCE C2Pa C2Pa Web C2Patool
NVD
CVSS 3.1
8.2
EPSS
0.2%
CVE-2026-48287 HIGH This Week

CAI Content Credentials is affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue requires user interaction in that a victim must visit a maliciously crafted URL or interact with a compromised web page. Scope is changed.

RCE C2Pa C2Pa Web C2Patool
NVD VulDB
CVSS 3.1
7.4
EPSS
0.1%
EPSS 0% CVSS 6.2
MEDIUM This Month

CAI Content Credentials is affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition. Exploitation of this issue does not require user interaction.

Denial Of Service C2Pa C2Pa Web +1
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

CAI Content Credentials is affected by an Integer Overflow or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

Denial Of Service Integer Overflow C2Pa +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

CAI Content Credentials is affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access scope. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Information Disclosure C2Pa C2Pa Web +1
NVD VulDB
EPSS 0% CVSS 7.5
HIGH This Week

CAI Content Credentials is affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

Denial Of Service C2Pa C2Pa Web +1
NVD VulDB
EPSS 0% CVSS 7.5
HIGH This Week

CAI Content Credentials is affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

Denial Of Service C2Pa C2Pa Web +1
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

CAI Content Credentials is affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploitation of this issue does not require user interaction.

Authentication Bypass C2Pa C2Pa Web +1
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

CAI Content Credentials is affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

Denial Of Service C2Pa C2Pa Web +1
NVD VulDB
EPSS 0% CVSS 6.2
MEDIUM This Month

CAI Content Credentials is affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

Denial Of Service Integer Overflow C2Pa +2
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

CAI Content Credentials is affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

Denial Of Service Integer Overflow C2Pa +2
NVD VulDB
EPSS 0% CVSS 7.5
HIGH This Week

CAI Content Credentials is affected by an Insufficiently Protected Credentials vulnerability that could result in disclosure of sensitive information. An attacker could leverage this vulnerability to gain unauthorized read access. Exploitation of this issue does not require user interaction.

Information Disclosure C2Pa C2Pa Web +1
NVD
EPSS 0% CVSS 8.2
HIGH This Week

CAI Content Credentials is affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated access or control over the victim's account or session. Exploitation of this issue requires user interaction in that a victim must visit a maliciously crafted URL or interact with a compromised web page. Scope is changed.

SSRF RCE C2Pa +2
NVD
EPSS 0% CVSS 7.4
HIGH This Week

CAI Content Credentials is affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue requires user interaction in that a victim must visit a maliciously crafted URL or interact with a compromised web page. Scope is changed.

RCE C2Pa C2Pa Web +1
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy