CVE-2026-39395

Cosign's verify-blob-attestation reports false positive when payload parsing fails

Assigner: GitHub_M
Reserved: 06.04.2026 Published: 07.04.2026 Updated: 08.04.2026

Cosign provides code signing and transparency for containers and binaries. Prior to 3.0.6 and 2.6.3, cosign verify-blob-attestation may erroneously report a "Verified OK" result for attestations with malformed payloads or mismatched predicate types. For old-format bundles and detached signatures, this was due to a logic flaw in the error handling of the predicate type validation. For new-format bundles, the predicate type validation was bypassed completely. This vulnerability is fixed in 3.0.6 and 2.6.3.

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVSS Score: 4.3

Attack Vector	Network	Scope	Unchanged
Attack Complexity	Low	Confidentiality Impact	None
Privileges Required	None	Integrity Impact	Low
User Interaction	Required	Availability Impact	None

CVSS 3.1

Product Status

Vendor	sigstore
Product	cosign
Versions	Version >= 3.0.0, < 3.0.6 is affected Version < 2.6.3 is affected

Vendor

sigstore

Product

cosign

Versions

Version >= 3.0.0, < 3.0.6 is affected
Version < 2.6.3 is affected

References

Problem Types

CWE-754: Improper Check for Unusual or Exceptional Conditions CWE

CVE-2026-39395 PUBLISHED

Cosign's verify-blob-attestation reports false positive when payload parsing fails

Metrics

Product Status

References

Problem Types