CVE-2026-48815: CWE-347: Improper Verification of Cryptographic Signature in sigstore sigstore-js
CVE-2026-48815 affects sigstore-js, a JavaScript library for interacting with Sigstore services. Before version 4.1.1, the certificateOIDs option in the sigstore.verify() function was accepted by the…
Read the full article2d agoen
You might also wanna read
ISC Stormcast For Friday, July 17th, 2026 (Fri, Jul 17th)
radar.offseq.com·48m ago
CVE-2026-2594: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in inc2734 Smart Custom Fields
radar.offseq.com·1h ago
The Patch Wars have begun
radar.offseq.com·2h ago
CVE-2026-62237: Inefficient Regular Expression Complexity in getgrav grav
radar.offseq.com·2h ago
CVE-2026-62241: Missing Authentication for Critical Function in MohibShaikh clawvet
radar.offseq.com·2h ago
CVE-2026-62387: Permissive Cross-domain Security Policy with Untrusted Domains in getgrav grav
radar.offseq.com·2h ago
Comments
Sign in to join the conversation.
No comments yet. Be the first.