Vuln
·
Scope
Home
Packages
KEV
Critical
Insights
Jobs
Pricing
EN
中
pkg:Debian/
golang-github-sigstore-cosign-v2
1 total CVE
MEDIUM
1
✅ Check your installed version
Check
All known vulnerabilities
MEDIUM
4.3
CVE-2026-39395
Cosign's verify-blob-attestation reports false positive when payload parsing fails
from 0, < 2.6.3-2
Debian/golang-github-sigstore-cosign-v2 — 1 CVEs · VulnScope