Skip to main content
CVE Vulnerability Database
Vulnerability Database/CVE-2026-22772

CVE-2026-22772: Linuxfoundation Fulcio SSRF Vulnerability

CVE-2026-22772 is an SSRF vulnerability in Linuxfoundation Fulcio that allows attackers to bypass URL validation and probe internal networks. This article covers the technical details, affected versions, impact, and mitigation.

Updated:

CVE-2026-22772 Overview

CVE-2026-22772 is a Server-Side Request Forgery (SSRF) vulnerability in Fulcio, the Sigstore certificate authority that issues code signing certificates tied to OpenID Connect (OIDC) identities. The flaw resides in the metaRegex() function, which uses an unanchored regular expression when validating MetaIssuer URLs. Attackers can craft inputs that bypass URL validation and force the Fulcio server to issue GET requests to arbitrary internal services. The issue is classified as Server-Side Request Forgery [CWE-918] and affects Fulcio versions prior to 1.8.5.

Critical Impact

A blind SSRF condition allows network attackers to probe internal infrastructure reachable by the Fulcio service without authentication or user interaction.

Affected Products

  • Linux Foundation Fulcio versions prior to 1.8.5
  • Sigstore deployments relying on Fulcio for OIDC-based code signing certificate issuance
  • Self-hosted Fulcio instances exposing the certificate signing API to untrusted clients

Discovery Timeline

  • 2026-01-12 - CVE-2026-22772 published to the National Vulnerability Database (NVD)
  • 2026-03-05 - Last updated in NVD database

Technical Details for CVE-2026-22772

Vulnerability Analysis

Fulcio validates issuer URLs against operator-configured MetaIssuer patterns to determine which OIDC providers may request certificates. The metaRegex() helper compiles those patterns into Go regular expressions. Because the resulting expression is not anchored with ^ and $, the regex matches any substring inside a longer URL rather than the full input.

An attacker can supply a crafted issuer URL that embeds a legitimate matching substring while pointing the actual HTTP request at an internal host. Fulcio accepts the URL as valid, then performs an outbound GET request to fetch the OIDC discovery document from the attacker-controlled location. This contacts internal services reachable from the Fulcio process.

The SSRF is limited to GET requests, so attackers cannot mutate server-side state. Fulcio also does not return the response body to the caller, which prevents direct data exfiltration. The remaining primitive is blind SSRF suitable for internal network reconnaissance, port probing, and inference based on response timing or error behavior.

Root Cause

The root cause is improper input validation in metaRegex(). The function converts MetaIssuer templates into regular expressions without enforcing start and end anchors. As a result, validation succeeds on URLs that merely contain the configured pattern as a substring, breaking the intended allowlist semantics.

Attack Vector

Exploitation requires network access to the Fulcio certificate issuance endpoint but no authentication or user interaction. An attacker submits a token request whose issuer URL satisfies the unanchored regex while routing Fulcio's discovery fetch toward an internal address such as a cloud metadata service, an internal API, or a non-public host. See the GitHub Security Advisory GHSA-59jp-pj84-45mr for advisory details.

No public proof-of-concept exploit code is available. The vulnerability mechanism is described in prose; refer to the upstream GitHub Commit Details for the exact patch implementing anchored regex validation.

Detection Methods for CVE-2026-22772

Indicators of Compromise

  • Outbound HTTP GET requests from the Fulcio service to RFC1918 addresses, link-local ranges, or cloud metadata endpoints such as 169.254.169.254.
  • Fulcio logs showing OIDC discovery fetches against hostnames that do not match the operator's intended issuer allowlist.
  • Unexpected DNS lookups from the Fulcio host for internal-only service names.

Detection Strategies

  • Inspect Fulcio access and application logs for MetaIssuer evaluations where the requested issuer URL contains embedded internal hostnames or IP literals.
  • Correlate egress network flow data from the Fulcio pod or host against an allowlist of approved OIDC provider domains.
  • Alert on HTTP requests originating from Fulcio that target private address space or cloud instance metadata endpoints.

Monitoring Recommendations

  • Forward Fulcio logs and host network telemetry to a centralized analytics platform for retention and query.
  • Baseline normal OIDC discovery traffic patterns and alert on deviations in destination, frequency, or response codes.
  • Track the running version of Fulcio across clusters and flag instances still below 1.8.5.

How to Mitigate CVE-2026-22772

Immediate Actions Required

  • Upgrade all Fulcio deployments to version 1.8.5 or later, which anchors the regex used by metaRegex().
  • Audit configured MetaIssuer values and replace overly broad templates with explicit issuer URLs where possible.
  • Restrict egress from the Fulcio service to the specific OIDC provider endpoints required for operation.

Patch Information

The fix is delivered in Fulcio 1.8.5 via the upstream commit referenced in the GitHub Commit Details. The patch anchors the regular expression generated from MetaIssuer templates so validation matches the entire URL rather than a substring. Operators running Sigstore infrastructure or downstream distributions should pull the patched release and redeploy.

Workarounds

  • Apply network egress filtering on the Fulcio host to block requests to internal address ranges and cloud metadata services.
  • Remove or narrow MetaIssuer entries until the upgrade can be performed, preferring exact OIDCIssuer configuration when feasible.
  • Place Fulcio behind a forward proxy that enforces a domain allowlist for outbound HTTPS requests.
bash
# Configuration example: verify the running Fulcio version and upgrade
fulcio version
# Pull the patched release
git clone https://github.com/sigstore/fulcio.git
cd fulcio && git checkout v1.8.5
# Rebuild and redeploy according to your environment

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the Most Advanced Cybersecurity Platform

See how the world’s most intelligent, autonomous cybersecurity platform can protect your organization today and into the future.