2 matches found
CVE-2026-23992
go-tuf is a Go implementation of The Update Framework TUF. Starting in version 2.0.0 and prior to version 2.3.1, a compromised or misconfigured TUF repository can have the configured value of signature thresholds set to 0, which effectively disables signature verification. This can lead to...
CVE-2026-23992
creationtimestamp| type| source ---|---|--- 2026-01-22 05:24:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcyh2els6z2n 2026-01-24 21:23:11+00:00| seen| https://gist.github.com/alon710/8fa5ed84752e14467c2f8002d0f50f89 2026-01-24 22:20:46+00:00| seen|...