Skip to main content

sigstore-js CVE-2026-48816

| EUVDEUVD-2026-44502 MEDIUM
Insufficient Verification of Data Authenticity (CWE-345)
2026-07-01 https://github.com/sigstore/sigstore-js GHSA-xgjw-pm74-86q4
6.5
CVSS 3.1 · Vendor: https://github.com/sigstore/sigstore-js
Share

Severity by source

Vendor (https://github.com/sigstore/sigstore-js) PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
vuln.today AI
6.5 MEDIUM

Attacker must supply the crafted bundle (PR:L); no confidentiality or availability impact; integrity impact is high as certificate validity enforcement is bypassed.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (https://github.com/sigstore/sigstore-js).

CVSS VectorVendor: https://github.com/sigstore/sigstore-js

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

Lifecycle Timeline

2
Analysis Generated
Jul 01, 2026 - 20:21 vuln.today
CVE Published
Jul 01, 2026 - 19:57 github-advisory
MEDIUM 6.5

Blast Radius

ecosystem impact
† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth
  • 10 npm packages depend on @sigstore/verify (2 direct, 8 indirect)

Ecosystem-wide dependent count for version 3.1.0.

DescriptionCVE.org

sigstore-js derives a transparency-log timestamp from tlogEntries[].integratedTime and uses it to validate certificate validity windows and satisfy timestampThreshold. For bundle v0.2, a tlog entry can be inclusionProof-only (no signed inclusionPromise/set), and the inclusion proof path does not cryptographically bind integratedTime. As a result, an attacker who can supply an untrusted bundle can influence time-based verification decisions by choosing integratedTime.

impact

If a consumer accepts attacker-provided bundle v0.2 inputs and relies on tlog-derived timestamps for certificate validity checks, verification can be influenced by an unauthenticated timestamp value. This is a trust gap: integratedTime is treated as a trusted observer timestamp under inclusionProof-only mode even though only the signed inclusionPromise/set path binds it.

affected code

  • packages/verify/src/bundle/index.ts (adds a transparency-log timestamp whenever integratedTime != 0)
  • packages/verify/src/timestamp/index.ts (converts integratedTime to a Date)
  • packages/verify/src/verifier.ts (verifies timestamps before verifying tlog inclusion)
  • packages/verify/src/tlog/index.ts + packages/verify/src/tlog/set.ts (only the inclusionPromise/set path binds integratedTime)

proof of concept

The attached poc.zip contains a self-contained harness that reproduces the behavior on the pinned commit and includes both a canonical test and a negative control.

repro:

  1. extract poc.zip into a fresh directory and run the make targets:
bash
unzip poc.zip -d poc
cd poc/poc-F-SIG-JS-TLOGTIME-001
make canonical
make control
  1. confirm canonical.log includes:
[CALLSITE_HIT]:
[PROOF_MARKER]:
  1. confirm control.log includes:
[NC_MARKER]:

suggested fix

Only treat integratedTime as a trusted timestamp when it is cryptographically bound (for example, via a verified signed inclusionPromise/set). For inclusionProof-only entries, do not count integratedTime toward timestampThreshold, and do not use it for certificate validity decisions unless there is another signed time source (for example, an rfc3161 timestamp).

poc.zip PR_DESCRIPTION.md SUBMISSION.md

AnalysisAI

Timestamp forgery in sigstore-js allows an attacker supplying a crafted bundle v0.2 to manipulate certificate validity window checks by controlling the integratedTime field in an inclusionProof-only tlog entry. Because the inclusionProof-only code path in @sigstore/verify does not cryptographically bind integratedTime (unlike the signed inclusionPromise/set path), a low-privileged attacker who can present an untrusted bundle can cause the verifier to accept expired or not-yet-valid signing certificates as currently valid. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Recon
Obtain write access to artifact store or intercept bundle delivery
Delivery
Craft bundle v0.2 with inclusionProof-only tlog entry
Exploit
Set integratedTime to value within expired certificate validity window
Install
Deliver crafted bundle to sigstore-js verifier
C2
Verifier trusts unbound integratedTime as log timestamp
Execute
Certificate expiry check passes
Impact
Expired-certificate artifact accepted as validly signed

Vulnerability AssessmentAI

Exploitation Exploitation requires two simultaneous conditions: (1) the application accepts bundle v0.2 format inputs that are attacker-supplied or attacker-modifiable - bundles fetched from fully trusted, integrity-protected sources are not affected if the attacker cannot tamper with them in transit or at rest; and (2) the verifier relies on tlog-derived timestamps (the `integratedTime` field from `tlogEntries[]`) for certificate validity window checks or to satisfy `timestampThreshold`. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The provided CVSS 6.5 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N) reflects a medium-severity finding with high integrity impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with write access to an artifact registry or the ability to intercept a bundle download crafts a bundle v0.2 with a tlog entry in inclusionProof-only mode and sets `integratedTime` to a value that falls within the validity window of an already-expired signing certificate. When the sigstore-js verifier processes this bundle, it trusts the attacker-supplied `integratedTime` as the log-observed timestamp, causes the certificate validity check to pass, and accepts the bundle as validly signed despite the certificate being expired. …
Remediation The upstream fix described in the advisory is to restrict trust in `integratedTime` to cases where it is cryptographically bound: only the signed inclusionPromise/set path should contribute `integratedTime` to `timestampThreshold` or certificate validity decisions; the inclusionProof-only path must not use `integratedTime` as a trusted timestamp unless an independent signed time source (e.g., an RFC 3161 timestamp) is also present. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2012-0217 HIGH POC
7.2 Jun 12

The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and

CVE-2026-33309 CRITICAL POC
9.9 Mar 19

An authenticated path traversal vulnerability in Langflow's file upload functionality allows attackers to write arbitrar

CVE-2019-7304 CRITICAL POC
9.8 Apr 23

Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitra

CVE-2026-33186 CRITICAL POC
9.1 Mar 18

An authorization bypass vulnerability in gRPC-Go allows attackers to circumvent path-based access control by sending HTT

CVE-2026-50180 HIGH POC
8.7 Jul 02

Arbitrary file read in Langroid's SQLChatAgent (<= 0.63.0) lets an attacker who can influence the LLM-generated SQL exfi

CVE-2020-14966 HIGH POC
7.5 Jun 22

An issue was discovered in the jsrsasign package through 8.0.18 for Node.js. Rated high severity (CVSS 7.5), this vulner

CVE-2020-13822 HIGH POC
7.7 Jun 04

The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' byte

CVE-2026-29181 HIGH POC
7.5 Apr 07

Resource exhaustion in OpenTelemetry Go propagation library (v1.41.0 and earlier) enables remote attackers to trigger se

CVE-2019-7303 HIGH POC
7.5 Apr 23

A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert char

CVE-2014-4699 MEDIUM POC
6.9 Jul 09

The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved

CVE-2017-7725 MEDIUM POC
6.1 Apr 13

concrete5 8.1.0 places incorrect trust in the HTTP Host header during caching, if the administrator did not define a "ca

CVE-2022-24899 MEDIUM POC
6.1 May 06

Contao is a powerful open source CMS that allows you to create professional websites and scalable web applications. Rate

Share

CVE-2026-48816 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy