
72 matches found

OSSF Malicious Packages
added 3 days ago, 6 views

Malicious code in @redhat-cloud-services/frontend-components-translations (npm)

Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...

5.9 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
added 3 days ago, 6 views

Malicious code in @redhat-cloud-services/compliance-client (npm)

Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...

5.9 AI score
Exploits: 0, References: 1
IBM Security Bulletins
added 2026/04/08 10:47 a.m., 1 view

Security Bulletin: Fulcio OIDC Token Parsing DoS Vulnerability in extractIssuerURL affects watsonx.data

Summary: Fulcio prior to 1.8.3 is vulnerable to a Denial-of-Service (DoS) issue where malicious OIDC tokens containing excessive period characters can trigger high memory allocation during parsing. This can affect watsonx.data. Vulnerability Details: CVEID: CVE-2025-66506 DESCRIPTION: Fulcio is a...

7.5 CVSS, 5.9 AI score, 0.00043 EPSS
Exploits: 0, Affected Software: 1
Amazon
added 2026/04/01 12:00 a.m., 3 views

Medium: runfinch-finch

Issue Overview: Fulcio is a certificate authority for issuing code signing certificates for an OpenID Connect (OIDC) identity. Prior to 1.8.5, Fulcio's metaRegex function uses an unanchored regex, allowing attackers to bypass MetaIssuer URL validation and trigger SSRF to arbitrary internal services...

7.5 CVSS, 6.9 AI score, 0.00044 EPSS
Exploits: 2
Tenable Nessus
added 2026/04/01 12:00 a.m., 13 views

Amazon Linux 2023 : runfinch-finch (ALAS2023-2026-1507)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1507 advisory. Fulcio is a certificate authority for issuing code signing certificates for an OpenID Connect (OIDC) identity. Prior to 1.8.5, Fulcio's metaRegex function uses an unanchored regex, allowing attacke...

7.5 CVSS, 7 AI score, 0.00044 EPSS
Exploits: 2, References: 14
Veracode
added 2026/03/26 11:22 a.m., 1 view

Denial Of Service (DoS)

github.com/sigstore/fulcio is vulnerable to Denial of Service (DoS). The vulnerability is due to inefficient handling of untrusted input in the extractIssuerURL function, which allows an attacker to supply a token with excessive period characters to trigger high memory allocations and degrade servi...

7.5 CVSS, 6.8 AI score, 0.00043 EPSS
Exploits: 0, References: 2, Affected Software: 1
Tenable Nessus
added 2026/03/06 12:00 a.m., 3 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : cosign (SUSE-SU-2026:0777-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0777-1 advisory. Update to version 3.0.5 (jsc#SLE-23879). Security issues fixed: - CVE-2025-11065:...

7.5 CVSS, 6 AI score, 0.00046 EPSS
Exploits: 4, References: 28
OSV
added 2026/03/03 1:22 p.m., 2 views

SUSE-SU-2026:0777-1 Security update for cosign

This update for cosign fixes the following issues: Update to version 3.0.5 (jsc#SLE-23879). Security issues fixed: - CVE-2025-11065: github.com/go-viper/mapstructure/v2: sensitive information leak in logs (bsc#1250620). - CVE-2025-58181: golang.org/x/crypto/ssh: unvalidated number of mechanisms can cau...

7.5 CVSS, 6.9 AI score, 0.00046 EPSS
Exploits: 4, References: 19
Wolfi
added 2026/02/19 7:48 p.m., 3 views

GHSA-FW7P-63QQ-7HPR vulnerabilities

Vulnerabilities for packages: envoy-gateway, step-issuer, spicedb, dex, splunk-otel-collector, kyverno-policy-reporter, step-ca, loki, grafana-alloy, sftpgo, tailscale, gitsign, dgraph, aactl, mattermost, keda, minio, rekor, terragrunt, trillian, k3s, ratify, timestamp-authority, kots, nri-mysql,...

5.8 AI score
Exploits: 0
OSV
added 2026/01/27 5:25 p.m., 2 views

OPENSUSE-RU-2026:20161-1 Recommended update for hauler

This update for hauler fixes the following issues: Changes in hauler: - Update to version 1.4.1 (bsc#1256546, CVE-2026-22772): fixed typos for containerd imports (#493); fix and support containerd imports of hauls (#492); bump github.com/sigstore/fulcio (#489) - Update to version 1.4.0: added/updated logging f...

5.8 CVSS, 6.7 AI score, 0.00014 EPSS
Exploits: 1, References: 2
OSV
added 2026/01/23 2:28 a.m., 2 views

GO-2026-4311 Fulcio is vulnerable to Server-Side Request Forgery (SSRF) via MetaIssuer Regex Bypass in github.com/sigstore/fulcio

Fulcio is vulnerable to Server-Side Request Forgery (SSRF) via MetaIssuer Regex Bypass in github.com/sigstore/fulcio...

5.8 CVSS, 5.5 AI score, 0.00014 EPSS
Exploits: 1, References: 3
OSV
added 2026/01/22 6:41 p.m., 2 views

GHSA-4C4X-JM2X-PF9J Rekor affected by Server-Side Request Forgery (SSRF) via provided public key URL

Summary: /api/v1/index/retrieve supports retrieving a public key via a user-provided URL, allowing attackers to trigger SSRF to arbitrary internal services. Since the SSRF can only trigger GET requests, the request cannot mutate state. The response from the GET request is not returned to the calle...

5.3 CVSS, 5.8 AI score, 0.00016 EPSS
Exploits: 0, References: 5
Github Security Blog
added 2026/01/22 6:41 p.m., 4 views

Rekor affected by Server-Side Request Forgery (SSRF) via provided public key URL

Summary: /api/v1/index/retrieve supports retrieving a public key via a user-provided URL, allowing attackers to trigger SSRF to arbitrary internal services. Since the SSRF can only trigger GET requests, the request cannot mutate state. The response from the GET request is not returned to the calle...

5.3 CVSS, 5.8 AI score, 0.00016 EPSS
Exploits: 0, References: 5, Affected Software: 1
SUSE CVE
added 2026/01/14 12:24 a.m., 1 view

SUSE CVE-2026-22772

Fulcio is a certificate authority for issuing code signing certificates for an OpenID Connect (OIDC) identity. Prior to 1.8.5, Fulcio's metaRegex function uses an unanchored regex, allowing attackers to bypass MetaIssuer URL validation and trigger SSRF to arbitrary internal services. Since the SSRF on...

5.8 CVSS, 7.2 AI score, 0.00014 EPSS
Exploits: 1, References: 6
RedhatCVE
added 2026/01/13 10:52 p.m., 1 view

CVE-2026-22772

A flaw was found in Fulcio, a certificate authority for issuing code signing certificates. A remote attacker could exploit this by bypassing MetaIssuer URL validation due to unanchored regular expressions (regex) in the metaRegex function. This vulnerability could lead to Server-Side Request Forger...

5.8 CVSS, 5.3 AI score, 0.00014 EPSS
Exploits: 1, References: 5
OSV
added 2026/01/13 6:47 p.m., 1 view

GHSA-59JP-PJ84-45MR Fulcio is vulnerable to Server-Side Request Forgery (SSRF) via MetaIssuer Regex Bypass

Security Disclosure: SSRF via MetaIssuer Regex Bypass. Summary: Fulcio's metaRegex function uses an unanchored regex, allowing attackers to bypass MetaIssuer URL validation and trigger SSRF to arbitrary internal services. Since the SSRF can only trigger GET requests, the request cannot mutate state. T...

5.8 CVSS, 7 AI score, 0.00014 EPSS
Exploits: 1, References: 4
Snyk
added 2026/01/13 6:47 p.m., 2 views

Server-side Request Forgery (SSRF)

Overview: Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the metaRegex function. An attacker can access internal network resources by crafting a malicious issuer URL that bypasses validation and causes the system to send HTTP GET requests to arbitrary...

7.2 CVSS, 7 AI score, 0.00014 EPSS
Exploits: 1, References: 2
EUVD
added 2026/01/13 6:47 p.m., 2 views

EUVD-2026-2001

Fulcio is vulnerable to Server-Side Request Forgery (SSRF) via MetaIssuer Regex Bypass...

5.8 CVSS, 6.4 AI score, 0.00014 EPSS
Exploits: 1, References: 3
Github Security Blog
added 2026/01/13 6:47 p.m., 8 views

Fulcio is vulnerable to Server-Side Request Forgery (SSRF) via MetaIssuer Regex Bypass

Security Disclosure: SSRF via MetaIssuer Regex Bypass. Summary: Fulcio's metaRegex function uses an unanchored regex, allowing attackers to bypass MetaIssuer URL validation and trigger SSRF to arbitrary internal services. Since the SSRF can only trigger GET requests, the request cannot mutate state. T...

5.8 CVSS, 7.1 AI score, 0.00014 EPSS
Exploits: 1, References: 4, Affected Software: 1
EUVD
added 2026/01/13 2:58 p.m., 2 views

EUVD-2026-1868

Cosign verification accepts any valid Rekor entry under certain conditions...

5.5 CVSS, 6.1 AI score, 0.00007 EPSS
Exploits: 1, References: 4