CVE-2026-44309— gitsign verify accepts signatures over go-git-normalized bytes, enabling trust confusion on malformed commits
Possible ATT&CK Techniques 1AI
T1565.001 · Stored Data ManipulationGet alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-44309
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
gitsign verify accepts signatures over go-git-normalized bytes, enabling trust confusion on malformed commits
Source: NVD (National Vulnerability Database)
Vulnerability Description
Gitsign is a keyless Sigstore to signing tool for Git commits with your a GitHub / OIDC identity. Prior to 0.16.0, gitsign verify and gitsign verify-tag re-encode commit/tag objects through go-git's EncodeWithoutSignature before checking the signature, instead of verifying against the raw git object bytes. For malformed objects with duplicate tree headers, git-core and go-git parse different trees: git-core uses the first, go-git uses the second. A signature crafted over the go-git-normalized form (second tree) passes gitsign verify while git-core resolves the commit to a completely different tree. This breaks the invariant that a verified signature, the commit semantics git-core presents to users, and the object hash logged in Rekor all refer to the same content. This vulnerability is fixed in 0.16.0.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
密码学签名的验证不恰当
Source: NVD (National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-44309
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-44309
请登录查看更多情报信息。
- https://github.com/sigstore/gitsign/security/advisories/GHSA-7rmh-48mx-2vwcx_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2026-44309
IV. Related Vulnerabilities
Same vendor: sigstore
- CVE-2026-44310
gitsign --verify panics on empty-certificate PKCS7 and exits - CVE-2026-39984
Sigstore Timestamp Authority has Improper Certificate Valida - CVE-2026-39395
Cosign's verify-blob-attestation reports false positive when - CVE-2026-31830
sigstore-ruby verifier returns success for DSSE bundles with - CVE-2026-24122
Cosign Certificate Chain Expiry Validation Issue Allows Issu
Same weakness: CWE-347
V. Comments for CVE-2026-44309
No comments yet