
CVE-2026-22703: CWE-345: Insufficient Verification of Data Authenticity in sigstore cosign

Severity: Medium
Tags: Vulnerability, CVE-2026-22703, CWE-345
Published: Sat Jan 10 2026 (01/10/2026, 06:11:09 UTC)
Source: CVE Database V5
Vendor/Project: sigstore
Product: cosign

Description

Cosign provides code signing and transparency for containers and binaries. Prior to versions 2.6.2 and 3.0.4, a Cosign bundle can be crafted to successfully verify an artifact even if the embedded Rekor entry does not reference the artifact's digest, signature or public key. When verifying a Rekor entry, Cosign verifies the Rekor entry signature, and also compares the artifact's digest, the user's public key (from either a Fulcio certificate or provided by the user), and the artifact signature to the Rekor entry contents. Without these comparisons, Cosign would accept any response from Rekor as valid. A malicious actor that has compromised a user's identity or signing key could construct a valid Cosign bundle by including any arbitrary Rekor entry, thus preventing the user from being able to audit the signing event. This issue has been patched in versions 2.6.2 and 3.0.4.

AI-Powered Analysis

Last updated: 01/17/2026, 07:55:51 UTC

Technical Analysis

Cosign is a tool in the sigstore project that provides cryptographic signing and transparency for container images and binaries, strengthening software supply chain security. Prior to versions 2.6.2 and 3.0.4, cosign had a vulnerability (CVE-2026-22703) classified under CWE-345 (Insufficient Verification of Data Authenticity). When cosign verified a Rekor transparency log entry, it checked the entry's signature but did not confirm that the entry embedded in the bundle actually referenced the artifact's digest, signature, or public key. An attacker who had compromised a user's signing key or identity could therefore produce a cosign bundle containing an arbitrary Rekor entry unrelated to the artifact, and cosign would accept it as valid. The user would then be unable to audit the signing event through the transparency log, which undermines the integrity guarantee of the signing and transparency mechanism and could let malicious code appear to be legitimately signed. The CVSS 3.1 vector records a local attack vector (AV:L), low attack complexity (AC:L), no user interaction (UI:N), unchanged scope (S:U), and high impact on integrity (I:H) with no impact on confidentiality or availability. The issue is fixed in cosign 2.6.2 and 3.0.4, which enforce that the Rekor entry matches the artifact's digest, signature, and public key.

Potential Impact

For European organizations, this vulnerability poses a significant risk to the integrity of their software supply chain security, particularly for those relying on cosign for container and binary signing. If exploited, attackers with access to signing credentials can forge signing bundles that appear legitimate and distribute malicious or tampered software without detection. This undermines trust in signed artifacts and can lead to the deployment of compromised software in production environments. While confidentiality and availability are not directly affected, the integrity breach can have cascading effects, including regulatory compliance violations (e.g., under NIS2 or GDPR where software integrity is part of the required security controls), reputational damage, and operational disruption. Organizations in sectors with stringent software supply chain requirements, such as finance, healthcare, and critical infrastructure, are especially exposed. The local attack vector limits remote exploitation but does not eliminate the risk from insider threats or compromised developer environments.

Mitigation Recommendations

European organizations should immediately upgrade cosign to versions 2.6.2 or 3.0.4 or later to ensure the vulnerability is patched. Additionally, organizations should implement strict access controls and monitoring around signing keys and developer environments to prevent credential compromise. Employ hardware security modules (HSMs) or secure key management solutions to protect signing keys and reduce risk of key theft. Integrate continuous monitoring and auditing of signing events and transparency logs to detect anomalies or suspicious Rekor entries. Enforce multi-factor authentication and least privilege principles for users with signing capabilities. Consider implementing additional verification layers or cross-checks in the CI/CD pipeline to validate artifact provenance beyond cosign's built-in checks. Regularly review and update supply chain security policies to incorporate lessons learned from this vulnerability. Finally, educate developers and security teams about the risks of signing key compromise and the importance of timely patching.


Technical Details

Data Version: 5.2
Assigner Short Name: GitHub_M
Date Reserved: 2026-01-08T19:23:09.857Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 6961f0b8c540fa4b5432b9fc

Added to database: 1/10/2026, 6:24:56 AM

Last enriched: 1/17/2026, 7:55:51 AM

Last updated: 2/7/2026, 12:52:40 PM
