pkg:Debian/cosign
3 total CVEsMEDIUM2LOW1
✅ Check your installed version
All known vulnerabilities
MEDIUM5.5CVE-2026-22703Cosign verification accepts any valid Rekor entry under certain conditions from 0
MEDIUM4.3CVE-2026-39395Cosign's verify-blob-attestation reports false positive when payload parsing fails from 0
LOW3.7CVE-2026-24122Cosign Certificate Chain Expiry Validation Issue Allows Issuing Certificate Expiry to Be Overlooked from 0