CVE-2026-39984 | sigstore timestamp-authority up to 2.0.5 certificate validation

A vulnerability, which was classified as critical, has been found in sigstore timestamp-authority up to 2.0.5. This issue affects some unknown processing. This manipulation causes improper certificate validation.

This vulnerability is registered as CVE-2026-39984. Remote exploitation of the attack is possible. No exploit is available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More