sigstore-java CVE-2026-48791
LOWSeverity by source
AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
Exploitation demands prior local compromise and key exfiltration (PR:H, AV:L); integrity impact is limited to verification bypass with no scope change or confidentiality loss.
Primary rating from GitHub Advisory.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
Lifecycle Timeline
1Blast Radius
ecosystem impact- 3 maven packages depend on dev.sigstore:sigstore-java (2 direct, 1 indirect)
Ecosystem-wide dependent count for version 2.0.0.
DescriptionGitHub Advisory
Summary
Regression: Verification of integratedTime from Rekor V1 Log Entry against Fuclio Certificate validity was missing
Details
- PR #1008 erroneously removed verification of the integrated (Rekor entry) time) against the Fulcio certificate.
- PR #1185 re-added this verification with enhancements that adhere to the Sigstore verification spec.
- old sigstore-conformance test for this check was built incorrectly
PoC
A new bundle was added to sigstore-conformance to test this: sigstore-java:2.0.0 can be tested against it and shown to be unexpectedly passing Verify this bundle against a.txt
$ git clone git@github.com:sigstore/sigstore-java
$ git checkout v2.0.0
$ ./gradlew :sigstore-cli:build
$ tar -xf sigstore-cli/build/distributions/sigstore-cli-*-SNAPSHOT.tar --strip-components 1
$ ./bin/sigstore-cli verify --bundle=bundle.sigstore.json a.txt
# expect error but noneImpact
This vulnerability impacts only users verifying bundles with dev.sigstore:sigstore-java:2.0.0. Older versions are not affected, it is fixed in dev.sigstore:sigstore-java:2.1.0
A malicious actor may exploit this if they were able to access a users system and exfiltrate the temporary private key used during signing and then reuse an old fulcio certificate later without requiring direct access to the user's credentials.
Users may protect themselves by re-verifying their artifacts using the newest sigstore-java or another current sigstore client. Transparency logs may also be audited for unauthorized signatures for a suspected reused identity.
AnalysisAI
Certificate timestamp validation bypass in sigstore-java 2.0.0 allows an attacker who has already exfiltrated an ephemeral Sigstore signing key to reuse an expired Fulcio certificate, causing bundle verification to succeed when it should fail. PR #1008 erroneously removed the check that bounds a Rekor V1 log entry's integratedTime against the Fulcio certificate's validity window, a regression only present in the 2.0.0 release and fixed in 2.1.0. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the attacker to have already obtained local system access AND to have successfully exfiltrated the ephemeral private key used during a prior Sigstore signing operation - the vendor description explicitly names this as the required precondition. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 vector (AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N) yielding a score of 2.0 accurately reflects a very constrained attack surface: local-only access, high privilege (sufficient to exfiltrate a temporary signing key from a user's session), and required victim interaction (triggering bundle verification). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who has already compromised a developer workstation and exfiltrated the ephemeral private key generated during a prior Sigstore signing session crafts a forged bundle pairing that key with the original, now-expired Fulcio certificate. When a pipeline or developer invokes `sigstore-cli verify` (or the sigstore-java library directly) on the forged bundle using version 2.0.0, the missing `integratedTime` check causes verification to succeed silently - a result the vendor-provided PoC bundle demonstrates explicitly against the CLI tool. |
| Remediation | Upgrade `dev.sigstore:sigstore-java` to version 2.1.0, which restores `integratedTime` verification against Fulcio certificate validity via PR #1185 and confirmed fix commits 4b7a49ebb1813f5b1ff113bcad63246358222d61 and b529335728fc5cfb574161b4b3c06859a8a2aa88. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Jwt Attack
View allWhy is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update
Authentication bypass in SimpleHelp 5.5.15 and prior (plus 6.0 pre-release builds) allows remote unauthenticated attacke
Authentication bypass in Fortinet FortiOS, FortiProxy, and FortiSwitchManager allows unauthenticated remote attackers to
ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. Rated critical severity (CVS
ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. Rated critical severity (CVS
The package jsrsasign before 10.5.25 are vulnerable to Improper Verification of Cryptographic Signature when JWS or JWT
A library injection vulnerability exists in Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. Rated criti
A library injection vulnerability exists in the WebView.app helper app of Microsoft Teams (work or school) 24046.2813.27
A library injection vulnerability exists in the com.microsoft.teams2.modulehost.app helper app of Microsoft Teams (work
The Ruby SAML library is for implementing the client side of a SAML authorization. Rated critical severity (CVSS 9.8), t
cosign is a container signing and verification utility. Rated critical severity (CVSS 9.8), this vulnerability is remote
Biscuit is an authentication and authorization token for microservices architectures. Rated critical severity (CVSS 9.8)
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
GHSA-qqw8-7c2r-jxch