| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Adobe | Content Credentials Command-Line Tool | ≤ c2patool-v0.16.5 | affected |
c2patool-v0.26.65 | unaffected | ||
| Adobe | Content Credentials JS SDK | ≤ @contentauth/c2pa-web@0.7.0 | affected |
@contentauth/c2pa-web@0.9.0 | unaffected | ||
| Adobe | Content Credentials Rust SDK | ≤ c2pa-v0.84.0 | affected |
c2pa-v0.85.2 | unaffected |
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Adobe | Content Credentials Rust SDK | 0 ~ c2pa-v0.84.0 | - | |
| Adobe | Content Credentials Command-Line Tool | 0 ~ c2patool-v0.16.5 | - | |
| Adobe | Content Credentials JS SDK | 0 ~ @contentauth/c2pa-web@0.7.0 | - |
| # | POC Description | Source Link | Shenlong Link |
|---|
No public POC found.
Login to generate AI POC| CVE-2026-48318 | 9.9 CRITICAL | ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal' |
| CVE-2026-48284 | 9.6 CRITICAL | ColdFusion | Improper Input Validation (CWE-20) |
| CVE-2026-48322 | 9.6 CRITICAL | ColdFusion | Improper Control of Generation of Code ('Code Injection') (CWE-94) |
| CVE-2026-48356 | 9.6 CRITICAL | Adobe Commerce | Unrestricted Upload of File with Dangerous Type (CWE-434) |
| CVE-2026-48359 | 9.6 CRITICAL | Adobe Experience Manager | Improper Restriction of XML External Entity Reference ('XXE') ( |
| CVE-2026-48259 | 9.6 CRITICAL | Adobe Experience Manager | Server-Side Request Forgery (SSRF) (CWE-918) |
| CVE-2026-48325 | 9.3 CRITICAL | ColdFusion | Missing Authentication for Critical Function (CWE-306) |
| CVE-2026-48321 | 9.3 CRITICAL | ColdFusion | Incorrect Authorization (CWE-863) |
| CVE-2026-48334 | 9.3 CRITICAL | Illustrator | Improper Input Validation (CWE-20) |
| CVE-2026-48358 | 9.1 CRITICAL | Adobe Commerce | Improper Encoding or Escaping of Output (CWE-116) |
| CVE-2026-48324 | 9.1 CRITICAL | ColdFusion | Improper Neutralization of Special Elements used in an SQL Command ('SQL Inje |
| CVE-2026-48319 | 9.1 CRITICAL | ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal' |
| CVE-2026-48327 | 9.0 CRITICAL | ColdFusion | Incorrect Authorization (CWE-863) |
| CVE-2026-47994 | 8.7 HIGH | Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2026-48275 | 8.6 HIGH | Illustrator | Untrusted Search Path (CWE-426) |
| CVE-2026-48350 | 8.6 HIGH | Animate | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') ( |
| CVE-2026-47988 | 8.6 HIGH | Adobe Commerce | Incorrect Authorization (CWE-863) |
| CVE-2026-48252 | 8.6 HIGH | Adobe Experience Manager | Missing Authentication for Critical Function (CWE-306) |
| CVE-2026-48310 | 8.6 HIGH | Adobe Experience Manager | Improper Limitation of a Pathname to a Restricted Directory ('P |
| CVE-2026-48320 | 8.5 HIGH | ColdFusion | Cross-site Scripting (Reflected XSS) (CWE-79) |
Showing top 20 of 88 CVEs. View all on vendor page → →
No comments yet