CVE-2026-48816: CWE-345: Insufficient Verification of Data Authenticity in sigstore sigstore-js
A vulnerability in sigstore-js prior to version 3.1.1 allows an attacker supplying an untrusted bundle to influence certificate validity and timestamp verification. This occurs because the library…
Read the full article2d agoen
You might also wanna read
CVE-2026-44433: CWE-770: Allocation of Resources Without Limits or Throttling in h2o quicly
radar.offseq.com·1h ago
New ClickLock macOS malware traps users into revealing login password
radar.offseq.com·1h ago
CVE-2026-14782: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in melograno Booking for Appointments and Events Calendar – Amelia
radar.offseq.com·2h ago
CVE-2026-13713: CWE-416 Use After Free in TODDR YAML::Syck
radar.offseq.com·2h ago
CVE-2026-44176: CWE-862: Missing Authorization in getkirby kirby
radar.offseq.com·2h ago
CVE-2024-32387: n/a
radar.offseq.com·2h ago
Comments
Sign in to join the conversation.
No comments yet. Be the first.