Uncontrolled Resource Consumption in CAI Content Credentials by Adobe
CVE-2026-47902

6.2MEDIUM

Key Information:

Vendor

Adobe

Vendor
CVE Published:
9 June 2026

What is CVE-2026-47902?

Certain versions of CAI Content Credentials, specifically c2pa-web@0.7.1 and earlier c2pa-v0.80.1, are vulnerable to an uncontrolled resource consumption flaw. This issue allows attackers to exploit the software to exhaust system resources, potentially leading to a denial-of-service condition without requiring any user interaction. Organizations using these versions should take immediate action to mitigate risks associated with this vulnerability.

Affected Version(s)

CAI Content Credentials 0

References

CVSS V3.1

Score:
6.2
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.