Cosign may falsely verify malicious code in containers and binaries
CVE-2026-39395
GHSA-w6c6-c85g-mmv6
Summary
Cosign, a code signing tool, had a flaw that allowed it to incorrectly verify malicious code as legitimate. This flaw was fixed in versions 3.0.6 and 2.6.3. Users should update to the latest version to ensure the tool accurately verifies code.
What to do
- Update Cosign (github.com/sigstore/cosign) on the 3.x line to version 3.0.6.
- Update Cosign (github.com/sigstore/cosign) on the 2.x line to version 2.6.3.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| github.com | sigstore | > 3.0.0 , <= 3.0.6 | 3.0.6 |
| github.com | sigstore | <= 2.6.3 | 2.6.3 |
Original title
Cosign's verify-blob-attestation reports false positive when payload parsing fails
Original description
## Description
`cosign verify-blob-attestation` may erroneously report a "Verified OK" result for attestations with malformed payloads or mismatched predicate types. For old-format bundles and detached signatures, this was due to a logic flaw in the error handling of the predicate type validation. For new-format bundles, the predicate type validation was bypassed completely.
## Impact
When `cosign verify-blob-attestation` is used without `--check-claims` set to `true`, an attestation that has a valid signature but a malformed or unparsable payload would be incorrectly validated. Additionally, systems relying on `--type <predicate type>` to reject attestations with mismatched types would be led to trust the unexpected attestation type.
## Patches
v3.0.6, v2.6.3
## Workarounds
Always set `--check-claims=true` for attestation verification.
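The advisory describes a fail-open error path in the predicate-type validation (CWE-754): a payload that cannot be parsed never reaches the type comparison, so it is accepted. The following is an added Go illustration of that pattern, not Cosign's own code: a minimal model of a DSSE envelope carrying an in-toto Statement, with the predicate-type check written once in the fail-open shape and once fail-closed. The field names follow the DSSE and in-toto formats; `MakeEnvelope`, `CheckPredicateType` and the sample statements are constructed for this example.

```go
package main
import (
	"encoding/base64"
	"encoding/json"
	"fmt"
)

// Only the DSSE payload field is modelled; the envelope signature is assumed to
// have already verified, which is the advisory's scenario.
type dsseEnvelope struct {
	Payload string `json:"payload"` // base64-encoded in-toto Statement
}
// MakeEnvelope wraps a constructed Statement payload in an envelope (test helper).
func MakeEnvelope(statementJSON string) []byte {
	b, _ := json.Marshal(dsseEnvelope{Payload: base64.StdEncoding.EncodeToString([]byte(statementJSON))})
	return b
}
// parsePredicateType decodes the envelope and extracts the statement's predicateType.
func parsePredicateType(envelopeJSON []byte) (string, error) {
	var env dsseEnvelope
	if err := json.Unmarshal(envelopeJSON, &env); err != nil {
		return "", fmt.Errorf("envelope: %w", err)
	}
	raw, err := base64.StdEncoding.DecodeString(env.Payload)
	if err != nil {
		return "", fmt.Errorf("payload base64: %w", err)
	}
	var st struct{ PredicateType string `json:"predicateType"` }
	if err := json.Unmarshal(raw, &st); err != nil || st.PredicateType == "" {
		return "", fmt.Errorf("statement unparsable or missing predicateType: %v", err)
	}
	return st.PredicateType, nil
}
// CheckPredicateType compares the attestation's predicateType with the expected
// one (the --type value). failClosed=false reproduces the CWE-754 shape the advisory
// describes: a parse error counts as "nothing to compare" and the attestation passes.
func CheckPredicateType(envelopeJSON []byte, want string, failClosed bool) error {
	got, err := parsePredicateType(envelopeJSON)
	if err != nil {
		if failClosed {
			return fmt.Errorf("reject attestation: %w", err)
		}
		return nil // BUG: malformed payload silently passes
	}
	if got != want {
		return fmt.Errorf("predicate type %q, expected %q", got, want)
	}
	return nil
}
```

A verifier should treat every failure before the comparison as a rejection; only the `failClosed=true` path does so.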
NVD CVSS 3.1 score: 4.3
Vulnerability type
CWE-754
Published: 8 Apr 2026 · Updated: 8 Apr 2026 · First seen: 7 Apr 2026