CVE-2026-24117: CWE-918: Server-Side Request Forgery (SSRF) in sigstore rekor
CVE-2026-24117 is a Server-Side Request Forgery (SSRF) vulnerability affecting sigstore's rekor component versions 1.4.3 and below. The vulnerability arises because the /api/v1/index/retrieve endpoint allows retrieval of a public key via a user-supplied URL, enabling attackers to send GET requests to arbitrary internal services. Although the SSRF cannot mutate state or exfiltrate data due to the lack of response forwarding, it allows blind probing of internal networks. The issue is fixed in version 1.5.0, and a workaround is to disable the vulnerable endpoint with --enable_retrieve_api=false. The CVSS score is 5.3 (medium severity), reflecting limited impact and ease of exploitation without authentication or user interaction.
AI Analysis
Technical Summary
CVE-2026-24117 is a medium severity SSRF vulnerability in the sigstore rekor software supply chain transparency log, specifically in versions 1.4.3 and earlier. The vulnerability exists in the /api/v1/index/retrieve endpoint, which accepts a user-provided URL to retrieve a public key. This design flaw allows an attacker to induce the server to perform HTTP GET requests to arbitrary internal or external URLs. Because the SSRF only supports GET requests, it cannot alter the state of targeted services, and the server does not relay the response back to the attacker, preventing direct data exfiltration. However, attackers can perform blind SSRF attacks to map internal network topology or identify accessible internal services, which could be leveraged in multi-stage attacks. The vulnerability is classified under CWE-918 (Server-Side Request Forgery). The issue was publicly disclosed on January 22, 2026, and fixed in rekor version 1.5.0. Until patching, disabling the vulnerable retrieve API endpoint using the --enable_retrieve_api=false flag serves as an effective mitigation. No known exploits are currently reported in the wild.
Potential Impact
For European organizations using sigstore rekor versions prior to 1.5.0, this SSRF vulnerability poses a risk of internal network reconnaissance by unauthorized actors. Although the vulnerability does not allow direct data theft or service disruption, it can facilitate lateral movement or identification of sensitive internal services, increasing the attack surface for subsequent exploitation. Organizations relying on rekor for software supply chain transparency may face risks to the confidentiality of their internal infrastructure layout. This is particularly relevant for critical infrastructure providers, government agencies, and large enterprises in Europe that adopt sigstore for software integrity verification. The inability to exfiltrate data limits immediate damage, but the reconnaissance capability could aid sophisticated attackers in planning further attacks, especially in environments with weak internal segmentation or insufficient monitoring of internal traffic.
Mitigation Recommendations
European organizations should promptly upgrade sigstore rekor to version 1.5.0 or later to remediate this vulnerability. If immediate patching is not feasible, disabling the vulnerable /api/v1/index/retrieve endpoint by setting --enable_retrieve_api=false is strongly recommended to prevent SSRF exploitation. Network-level controls should be implemented to restrict outbound HTTP requests from rekor servers to only trusted destinations, minimizing the risk of SSRF abuse. Additionally, internal network segmentation and monitoring should be enhanced to detect anomalous internal requests originating from the rekor server. Security teams should audit usage logs for unusual access patterns to the retrieve API endpoint and conduct penetration testing to identify potential SSRF exploitation paths. Finally, organizations should incorporate this vulnerability into their risk management and incident response plans, ensuring readiness for potential SSRF-related reconnaissance activities.
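The recommendation above to restrict outbound requests from the rekor server to trusted destinations can also be enforced in application code before any user-supplied URL is fetched. The following Go program is an added example written for this page; it is not rekor's code and does not reproduce the 1.5.0 fix. It assumes a hypothetical allowlist of key-hosting hostnames and uses a constructed stub resolver (StubResolver) in place of DNS so it runs offline. The check requires https, rejects embedded credentials, requires the hostname to be allowlisted, and then refuses any destination whose literal or resolved address falls in loopback, private, link-local, CGNAT or unspecified ranges, so that an allowlisted name cannot be pointed at an internal service via DNS.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"net/netip"
	"net/url"
	"strings"
)

// Resolver abstracts DNS lookup so the check can be exercised without network access.
type Resolver func(host string) ([]netip.Addr, error)

// SystemResolver uses the OS resolver; it is the production choice, not used in the demo below.
func SystemResolver(host string) ([]netip.Addr, error) {
	ips, err := net.LookupIP(host)
	if err != nil {
		return nil, err
	}
	var out []netip.Addr
	for _, ip := range ips {
		if a, ok := netip.AddrFromSlice(ip); ok {
			out = append(out, a.Unmap())
		}
	}
	return out, nil
}

// StubResolver is a constructed resolver for the example: two hypothetical names, one of which
// resolves to a private address to simulate DNS rebinding or misconfiguration.
func StubResolver(host string) ([]netip.Addr, error) {
	switch host {
	case "keys.example.com":
		return []netip.Addr{netip.MustParseAddr("203.0.113.10")}, nil
	case "rebind.example.com":
		return []netip.Addr{netip.MustParseAddr("10.0.0.5")}, nil
	}
	return nil, fmt.Errorf("no such host: %s", host)
}

// isInternal reports whether an address lies in a range a server should never be induced to contact.
func isInternal(a netip.Addr) bool {
	a = a.Unmap()
	if a.IsLoopback() || a.IsPrivate() || a.IsLinkLocalUnicast() || a.IsLinkLocalMulticast() ||
		a.IsUnspecified() || a.IsMulticast() {
		return true
	}
	// Carrier-grade NAT (RFC 6598) is not covered by IsPrivate.
	return netip.MustParsePrefix("100.64.0.0/10").Contains(a)
}

// IsInternalHost is a convenience wrapper for literal IP hosts (non-IP strings return false).
func IsInternalHost(host string) bool {
	a, err := netip.ParseAddr(host)
	return err == nil && isInternal(a)
}

// CheckOutboundDestination validates a user-supplied URL before the server fetches it.
func CheckOutboundDestination(rawURL string, allowedHosts []string, resolve Resolver) error {
	u, err := url.Parse(rawURL)
	if err != nil {
		return fmt.Errorf("parse: %w", err)
	}
	if u.Scheme != "https" {
		return fmt.Errorf("scheme %q not allowed", u.Scheme)
	}
	if u.User != nil {
		return errors.New("userinfo in URL not allowed")
	}
	host := strings.ToLower(u.Hostname())
	if host == "" {
		return errors.New("empty host")
	}
	allowed := false
	for _, h := range allowedHosts {
		if strings.EqualFold(h, host) {
			allowed = true
			break
		}
	}
	if !allowed {
		return fmt.Errorf("host %q not in allowlist", host)
	}
	// Even an allowlisted name must not resolve to an internal address.
	var addrs []netip.Addr
	if a, perr := netip.ParseAddr(host); perr == nil {
		addrs = []netip.Addr{a}
	} else {
		addrs, err = resolve(host)
		if err != nil {
			return fmt.Errorf("resolve %q: %w", host, err)
		}
	}
	if len(addrs) == 0 {
		return fmt.Errorf("host %q resolved to no addresses", host)
	}
	for _, a := range addrs {
		if isInternal(a) {
			return fmt.Errorf("host %q resolves to internal address %s", host, a)
		}
	}
	return nil
}

func main() {
	allow := []string{"keys.example.com", "rebind.example.com"} // hypothetical allowlist
	for _, raw := range []string{
		"https://keys.example.com/pub.pem",
		"http://keys.example.com/pub.pem",
		"https://127.0.0.1:8080/",
		"https://rebind.example.com/pub.pem",
	} {
		fmt.Printf("%-40s -> %v\n", raw, CheckOutboundDestination(raw, allow, StubResolver))
	}
}
```

In production the allowlist would come from configuration and SystemResolver would replace the stub; the resolved addresses should also be the ones actually dialed (for example via a custom net.Dialer control hook), otherwise a second lookup at connect time can still return a different address.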
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Denmark, Belgium, Italy, Spain
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-01-21T18:38:22.472Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 6972a2ca4623b1157c932a90
Added to database: 1/22/2026, 10:20:58 PM
Last enriched: 1/30/2026, 10:01:26 AM
Last updated: 2/7/2026, 5:50:41 PM