CVE-2026-34657EPSS p6.6%

CVE-2026-34657CVE-2026-34657

adobe / c2pa

Description

CAI Content Credentials versions c2pa-web@0.7.1, c2pa-v0.80.1 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in an arbitrary file system write. An attacker could leverage this vulnerability to write to unauthorized files or directories outside of intended restrictions. Exploitation of this issue requires user interaction in that a victim must extract a maliciously crafted file.

Scoring

CVSS 5.5 ()
VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS0.17% probability of exploitation · percentile 6.6% · 2026-06-19T12:03:05Z
Last modified2026-06-15

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-34666
CVE
CVE-2026-34670
CVE
CVE-2026-34669
CVE
CVE-2026-34668
CVE
CVE-2026-34688
CVE
CVE-2026-34679
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.