PatchSiren cyber security CVE debrief
CVE-2026-47902 Adobe CVE debrief
CVE-2026-47902 is a MEDIUM severity vulnerability in CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition. Exploitation of this issue does not require user interaction. The vulnerability was published on [cvePublishedAt] and last modified on [cveModifiedAt].
- Vendor
- Adobe
- Product
- Content Authenticity SDK
- CVSS
- MEDIUM 6.2
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-09
- Original CVE updated
- 2026-06-10
- Advisory published
- 2026-06-09
- Advisory updated
- 2026-06-10
Who should care
Users of CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier should apply patches or mitigations as available.
Technical summary
The vulnerability is caused by an Uncontrolled Resource Consumption issue in CAI Content Credentials. This could allow an attacker to exhaust system resources, leading to a denial-of-service condition.
Defensive priority
MEDIUM
Recommended defensive actions
- Apply patches or updates as available from the vendor.
- Review and limit resource consumption by the affected application.
- Monitor system resources for unusual activity.
Evidence notes
The CVE record indicates that the vulnerability affects CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier. The vendor is listed as Unknown Vendor, but evidence suggests the vendor may be Adobe [ref-4].
Official resources
-
CVE-2026-47902 CVE record
CVE.org
-
CVE-2026-47902 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-47902 was published on 2026-06-09T22:16:25.177Z and last modified on 2026-06-10T18:35:49.083Z.