CAI Content Credentials is affected by an Insufficiently Protected Credentials vulnerability that could result in disclosure of sensitive information. An attacker could leverage this vulnerability to gain unauthorized read access. Exploitation of this issue does not require user interaction.
References
| Link | Resource |
|---|---|
| https://helpx.adobe.com/security/products/content-authenticity-sdk/apsb26-80.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
16 Jul 2026, 19:03
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Apple macos
Adobe c2patool Linux Google android Apple Linux linux Kernel Microsoft windows Adobe Adobe c2pa Microsoft Adobe c2pa-web Apple iphone Os |
|
| CPE | cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* cpe:2.3:o:google:android:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:a:adobe:c2pa-web:*:*:*:*:*:node.js:*:* cpe:2.3:a:adobe:c2pa:*:*:*:*:*:rust:*:* cpe:2.3:a:adobe:c2patool:*:*:*:*:*:*:*:* |
|
| References | () https://helpx.adobe.com/security/products/content-authenticity-sdk/apsb26-80.html - Vendor Advisory |
14 Jul 2026, 22:17
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-07-14 22:17
Updated : 2026-07-16 19:03
NVD link : CVE-2026-48295
Mitre link : CVE-2026-48295
CVE.ORG link : CVE-2026-48295
JSON object : View
Products Affected
adobe
- c2pa
- c2pa-web
- c2patool
microsoft
- windows
- android
linux
- linux_kernel
apple
- macos
- iphone_os
CWE
CWE-522
Insufficiently Protected Credentials
