CVE-2026-22772 | sigstore fulcio up to 1.8.4 metaRegex server-side request forgery (GHSA-59jp-pj84-45mr)

A vulnerability marked as critical has been reported in sigstore fulcio up to 1.8.4. The affected element is the function metaRegex. Performing a manipulation results in server-side request forgery.

This vulnerability was named CVE-2026-22772. The attack may be initiated remotely. There is no available exploit.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More