CVE-2026-47903
MEDIUM WAF: Medium
CVSS 6.2
Published: 2026-06-09
CWE-20
CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Improper Input Validation vulnerability. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.
WAF Coverage Analysis
Improper Input Validation
Medium WAF Coverage
OWASP: A03:2021 Injection
920xxx - Protocol Enforcement 941xxx - XSS / XXE 942xxx - SQL Injection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| adobe | c2pa | up to 0.80.1 |
| adobe | c2pa-web | up to 0.7.1 |
References
- helpx.adobe.com (Vendor Advisory)