Product
CAI Content Credentials is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, CVE-2026-48290, which an attacker can exploit to achieve arbitrary code execution and potentially gain elevated access by injecting malicious scripts into a web page, requiring user interaction to succeed.