sigstore-go CVE-2026-49834
MEDIUMSeverity by source
AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Log compromise required (AC:H); attacker operates external log infrastructure so PR:N; pure integrity bypass with no confidentiality or availability impact.
Primary rating from GitHub Advisory.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Lifecycle Timeline
1DescriptionGitHub Advisory
Impact
_What kind of vulnerability is it? Who is impacted?_
A verifier configured with WithTransparencyLog(N>1) or WithSignedCertificateTimestamps(N>1) expected defense-in-depth against the compromise of a single log instance. However, threshold counting counted verified witnesses per-entry or per-validation-path rather than per-log-authority.
As a result, a single compromised transparency log could forge multiple entries with different indices, and a single compromised CT log could verify multiple times (either across multiple certificate chains or via multiple embedded SCTs), fully satisfying the multi-log threshold requirements and defeating the multi-log policy.
Note that this does not affect Cosign, as Cosign sets a threshold of 1.
Patches
_Has the problem been patched? What versions should users upgrade to?_
Upgrade to v1.1.5.
Workarounds
_Is there a way for users to fix or remediate the vulnerability without upgrading?_
There is no workaround, beyond relying on trusted logs.
AnalysisAI
Threshold counting logic in sigstore-go's multi-log verification policy is bypassable by a single compromised transparency or CT log. When a verifier is configured with WithTransparencyLog(N>1) or WithSignedCertificateTimestamps(N>1), the intended defense-in-depth - requiring N distinct log authorities to independently vouch for an artifact - fails because counts accumulate per-entry or per-validation-path rather than per-log-authority. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires two conditions to hold simultaneously: (1) the consuming application must configure the sigstore-go verifier with WithTransparencyLog(N>1) or WithSignedCertificateTimestamps(N>1) - default Cosign usage with threshold=1 is explicitly confirmed unaffected; (2) the attacker must control or have already compromised at least one Rekor transparency log or CT log that is trusted by the verifier's policy. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The provided CVSS 3.1 vector (AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N) yields a score of 5.9, which aligns with the realistic attack surface. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who controls or has compromised a single Rekor transparency log operator crafts multiple log entries at distinct tree indices for the same malicious artifact. A downstream pipeline running sigstore-go with WithTransparencyLog(3) expects three separate log authorities to have independently witnessed the artifact; instead, the verifier counts all three forged entries from the single compromised log, satisfies the threshold, and marks the artifact as verified - allowing a tampered or malicious binary to pass supply-chain integrity checks silently. … |
| Remediation | Upgrade sigstore-go to v1.1.5, which is the vendor-released patch per the GitHub Security Advisory at https://github.com/sigstore/sigstore-go/security/advisories/GHSA-9vcr-p3rj-q5q6. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
GHSA-9vcr-p3rj-q5q6