Skip to main content

sigstore-js CVE-2026-48815

| EUVDEUVD-2026-44494 HIGH
Improper Verification of Cryptographic Signature (CWE-347)
2026-07-01 https://github.com/sigstore/sigstore-js GHSA-52v5-jr5w-gjxr
7.5
CVSS 3.1 · Vendor: https://github.com/sigstore/sigstore-js
Share

Severity by source

Vendor (https://github.com/sigstore/sigstore-js) PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
vuln.today AI
5.9 MEDIUM

Integrity-only bypass (I:H, C/A:N); AC:H because it requires the non-default certificateOIDs config plus a certificate that still passes the enforced SAN/issuer checks; no privileges or interaction needed.

3.1 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
4.0 AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (https://github.com/sigstore/sigstore-js).

CVSS VectorVendor: https://github.com/sigstore/sigstore-js

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

Lifecycle Timeline

2
CVE Published
Jul 01, 2026 - 20:19 cve.org
HIGH 7.5
Analysis Generated
Jul 01, 2026 - 20:17 vuln.today

Blast Radius

ecosystem impact
† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth
  • 3,403 npm packages depend on sigstore (89 direct, 3,315 indirect)

Ecosystem-wide dependent count for version 4.1.1.

DescriptionCVE.org

Summary

The documented certificateOIDs option in sigstore.verify() is accepted by the public API but discarded before verification, so required certificate extension OIDs are never checked.

Details

The public verify options include certificateOIDs and the documentation says those OID/value pairs “must be present in the certificate’s extension list.” The policy-construction path used by sigstore.verify() and createVerifier() only copies the SAN and issuer settings into the verification policy and completely ignores certificateOIDs.

As a result, callers can believe they are constraining verification to certificates carrying specific Fulcio or workload-identifying OIDs, while the actual verifier never receives those constraints. Any bundle that satisfies the remaining checks is accepted even if the required OID extensions are absent or mismatched.

This is reachable from supported usage through the documented certificateOIDs verify option.

PoC

javascript
const { createVerificationPolicy } = require("sigstore/dist/config");

const policy = createVerificationPolicy({
  certificateIssuer: "https://issuer.example",
  certificateIdentityEmail: "victim@example.com",
  certificateOIDs: {
    "1.2.3.4": "required-value",
  },
});

console.log("certificateOIDs" in policy, JSON.stringify(policy));
// false {"subjectAlternativeName":"victim@example.com","extensions":{"issuer":"https://issuer.example"}}

Impact

Applications that rely on certificateOIDs to restrict which certificates may sign artifacts receive no such protection. Unauthorized certificates that should be rejected on extension policy can be accepted as long as they satisfy the remaining verification checks.

AnalysisAI

Signature verification policy bypass in the sigstore npm package allows attackers to have unauthorized signing certificates accepted despite explicit OID-based restrictions. The documented certificateOIDs verify option - used by sigstore.verify() and createVerifier() to require specific Fulcio/workload-identity extension OIDs - is silently discarded during policy construction, so those extension constraints are never enforced while callers believe they are. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain certificate passing SAN/issuer checks
Delivery
Craft signed bundle lacking required OIDs
Exploit
Submit bundle to app using certificateOIDs
Execution
certificateOIDs constraint silently skipped
Impact
Unauthorized artifact accepted as trusted

Vulnerability AssessmentAI

Exploitation Exploitation requires that the target application invokes `sigstore.verify()` or `createVerifier()`/`createVerificationPolicy()` with the `certificateOIDs` option set and treats those OID/value pairs as a security-relevant restriction - this is a non-default, opt-in usage, not the library baseline. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 base score is 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N), reflecting an integrity-only impact with no confidentiality or availability loss - consistent with a verification bypass rather than code execution or data disclosure. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An organization verifies signed artifacts with `sigstore.verify()` and passes `certificateOIDs` to require a workload-identity extension that only its trusted build system's Fulcio certificates carry. Because that constraint is silently discarded, an attacker who obtains any certificate matching the configured issuer and identity - but lacking the required OID - can produce a bundle that passes verification, and the application accepts a malicious artifact it should have rejected. …
Remediation Upgrade to the fixed release of the sigstore npm package as directed by advisory GHSA-52v5-jr5w-gjxr (https://github.com/sigstore/sigstore-js/security/advisories/GHSA-52v5-jr5w-gjxr); the exact patched version is not present in the provided data and should be taken from the advisory. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2013-3900 MEDIUM
5.5 Dec 11

Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update

CVE-2026-48558 CRITICAL POC
9.5 Jun 12

Authentication bypass in SimpleHelp 5.5.15 and prior (plus 6.0 pre-release builds) allows remote unauthenticated attacke

CVE-2025-59718 CRITICAL
9.8 Dec 09

Authentication bypass in Fortinet FortiOS, FortiProxy, and FortiSwitchManager allows unauthenticated remote attackers to

CVE-2025-25291 CRITICAL POC
9.3 Mar 12

ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. Rated critical severity (CVS

CVE-2025-25292 CRITICAL POC
9.3 Mar 12

ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. Rated critical severity (CVS

CVE-2022-25898 CRITICAL POC
9.8 Jul 01

The package jsrsasign before 10.5.25 are vulnerable to Improper Verification of Cryptographic Signature when JWS or JWT

CVE-2024-42004 CRITICAL POC
9.8 Dec 18

A library injection vulnerability exists in Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. Rated criti

CVE-2024-41145 CRITICAL POC
9.8 Dec 18

A library injection vulnerability exists in the WebView.app helper app of Microsoft Teams (work or school) 24046.2813.27

CVE-2024-41138 CRITICAL POC
9.8 Dec 18

A library injection vulnerability exists in the com.microsoft.teams2.modulehost.app helper app of Microsoft Teams (work

CVE-2024-45409 CRITICAL POC
9.8 Sep 10

The Ruby SAML library is for implementing the client side of a SAML authorization. Rated critical severity (CVSS 9.8), t

CVE-2022-35929 CRITICAL POC
9.8 Aug 04

cosign is a container signing and verification utility. Rated critical severity (CVSS 9.8), this vulnerability is remote

CVE-2022-31053 CRITICAL POC
9.8 Jun 13

Biscuit is an authentication and authorization token for microservices architectures. Rated critical severity (CVSS 9.8)

Share

CVE-2026-48815 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy