Arbitrary Code Execution Risk in CAI Content Credentials by Adobe
CVE-2026-48287

7.4HIGH

What is CVE-2026-48287?

CAI Content Credentials by Adobe has a vulnerability allowing for arbitrary code execution due to an untrusted search path. This issue could potentially be exploited if a user interacts with a specifically crafted URL or compromised website, exposing the user's environment to risk. It is essential for users to remain cautious of unsolicited links to mitigate potential threats.

Affected Version(s)

Content Credentials Command-Line Tool 0

Content Credentials Command-Line Tool 0

Content Credentials JS SDK 0

References

CVSS V3.1

Score:
7.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.