Sigstore Fulcio
2 CVEs affecting Sigstore Fulcio. Latest disclosed: 2026-01-12. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-66506 | High | 7.5 | 2025-12-04 | Fulcio is a free-to-use certificate authority for issuing code signing certificates for an OpenID Connect (OIDC) identity. Prior to 1.8.3, function identity.ex… |
CVE-2026-22772 | Medium | 5.8 | 2026-01-12 | Fulcio is a certificate authority for issuing code signing certificates for an OpenID Connect (OIDC) identity. Prior to 1.8.5, Fulcio's metaRegex() function us… |