Moderate severity6.5NVD Advisory· Published Jul 1, 2026
sigstore-js: sigstore-js: Insufficient verification of data authenticity allows timestamp manipulation
CVE-2026-48816
Description
sigstore-js: sigstore-js: Insufficient verification of data authenticity allows timestamp manipulation
Affected products
3- osv-coords2 versions
< 3.248.0-r2+ 1 more
- (no CPE)range: < 3.248.0-r2
- (no CPE)range: < 3.248.0-r2
Patches
Vulnerability mechanics
News mentions
0No linked articles in our index yet.