CyberRota
← Ana sayfaya dön

CVE-2026-34657

MEDIUM · CVSS 5.5 EPSS %0.17 Public Exploit

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-09T22:16:22.787 · Çekilme zamanı: 2026-06-30T18:17:32.288468+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

Public Exploit Sinyali

Bu CVE için açıklama veya referanslarda public exploit / PoC / GitHub / Metasploit sinyali tespit edildi.

Tespit Edilen Sinyaller
exploit

Not: Bu bağlantılar yalnızca güvenlik araştırması ve doğrulama amacıyla listelenmiştir.

CVE
CVE-2026-34657
Severity
MEDIUM
CVSS
5.5
EPSS
%0.17

Orijinal NVD Açıklaması

CAI Content Credentials versions c2pa-web@0.7.1, c2pa-v0.80.1 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in an arbitrary file system write. An attacker could leverage this vulnerability to write to unauthorized files or directories outside of intended restrictions. Exploitation of this issue requires user interaction in that a victim must extract a maliciously crafted file.