CVE-2026-48354

CAI Content Credentials is affected by an Integer Overflow or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:adobe:c2pa:*:*:*:*:*:rust:*:*
cpe:2.3:a:adobe:c2pa-web:*:*:*:*:*:node.js:*:*
cpe:2.3:a:adobe:c2patool:*:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

16 Jul 2026, 19:04

Type Values Removed Values Added
First Time Apple macos
Adobe c2patool
Google
Linux
Google android
Apple
Linux linux Kernel
Microsoft windows
Adobe
Adobe c2pa
Microsoft
Adobe c2pa-web
Apple iphone Os
References () https://helpx.adobe.com/security/products/content-authenticity-sdk/apsb26-80.html - () https://helpx.adobe.com/security/products/content-authenticity-sdk/apsb26-80.html - Vendor Advisory
CPE cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:a:adobe:c2pa-web:*:*:*:*:*:node.js:*:*
cpe:2.3:a:adobe:c2pa:*:*:*:*:*:rust:*:*
cpe:2.3:a:adobe:c2patool:*:*:*:*:*:*:*:*

14 Jul 2026, 22:17

Type Values Removed Values Added
New CVE

Information

Published : 2026-07-14 22:17

Updated : 2026-07-16 19:04


NVD link : CVE-2026-48354

Mitre link : CVE-2026-48354

CVE.ORG link : CVE-2026-48354


JSON object : View

Products Affected

adobe

  • c2pa
  • c2pa-web
  • c2patool

microsoft

  • windows

google

  • android

linux

  • linux_kernel

apple

  • macos
  • iphone_os
CWE
CWE-190

Integer Overflow or Wraparound