CVE-2026-24845 Overview
CVE-2026-24845 is a credential exposure vulnerability affecting the malcontent supply-chain security tool. Malcontent discovers supply-chain compromises through context, differential analysis, and YARA. Starting in version 0.10.0 and prior to version 1.20.3, malcontent could be made to expose Docker registry credentials if it scanned a specially crafted OCI image reference.
Malcontent uses google/go-containerregistry for OCI image pulls, which by default uses the Docker credential keychain. A malicious registry could return a WWW-Authenticate header redirecting token authentication to an attacker-controlled endpoint, causing credentials to be sent to that endpoint. This constitutes an Insufficiently Protected Credentials weakness (CWE-522).
Critical Impact
Docker registry credentials could be exfiltrated to attacker-controlled endpoints when scanning malicious OCI image references, potentially compromising container registry access and enabling supply-chain attacks.
Affected Products
- malcontent versions 0.10.0 to 1.20.2
- Systems using malcontent with Docker credential keychain configured
- Environments performing OCI image scanning against untrusted registries
Discovery Timeline
- 2026-01-29 - CVE-2026-24845 published to NVD
- 2026-01-29 - Last updated in NVD database
Technical Details for CVE-2026-24845
Vulnerability Analysis
The vulnerability exists in malcontent's OCI image handling functionality. When malcontent scans OCI images, it relies on the google/go-containerregistry library for container image operations. By default, this library uses the Docker credential keychain to authenticate with container registries.
A malicious registry can exploit the OAuth-style token authentication flow used by container registries. When malcontent attempts to pull an image, the registry can respond with a WWW-Authenticate header that specifies an authentication realm controlled by the attacker. The go-containerregistry library would then send the user's Docker credentials to this attacker-controlled endpoint, resulting in credential theft.
This attack is particularly dangerous in supply-chain security contexts where malcontent is used to analyze potentially malicious container images from untrusted sources.
Root Cause
The root cause is the default authentication behavior in the OCI image pull functionality. Malcontent did not implement anonymous authentication as the default for OCI pulls, instead inheriting the default behavior from google/go-containerregistry which automatically attempts to authenticate using locally stored Docker credentials. This design decision created an attack surface where untrusted registries could redirect authentication to capture credentials.
Attack Vector
The attack requires a user to scan a crafted OCI image reference pointing to a malicious registry:
- Attacker sets up a malicious container registry
- Attacker crafts an OCI image reference pointing to their registry
- Target runs malcontent scan against the malicious image reference
- Malicious registry responds with WWW-Authenticate header redirecting to attacker endpoint
- Malcontent's underlying library sends Docker credentials to attacker endpoint
- Attacker captures registry credentials
The security patch introduces an ociAuthFlag to control authentication behavior:
minFileRiskFlag string
minLevelFlag int
minRiskFlag string
+ ociAuthFlag bool
ociFlag bool
outputFlag string
profileFlag bool
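Review bot: the hunk only declares `ociAuthFlag bool`; its default value and help text are not visible here, and the whole fix rests on that default being false (anonymous pulls). The flag registration should carry a help string stating that enabling it hands keychain credentials to whatever token realm the registry names, so operators understand what they are opting into.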
Source: GitHub Commit Log
The fix modifies the OCI archive handling to pass the authentication flag:
)
if c.OCI {
- srcPath, err = archive.OCI(ctx, srcPath)
+ srcPath, err = archive.OCI(ctx, srcPath, c.OCIAuth)
if err != nil {
return nil, fmt.Errorf("failed to prepare scan path: %w", err)
}
- destPath, err = archive.OCI(ctx, destPath)
+ destPath, err = archive.OCI(ctx, destPath, c.OCIAuth)
if err != nil {
return nil, fmt.Errorf("failed to prepare scan path: %w", err)
}
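Review bot: both call sites wrap their errors with the identical text "failed to prepare scan path: %w", so a failure on destPath cannot be told apart from one on srcPath in the log; name the path (or say source/destination) in each message. The new bare bool argument to archive.OCI also reads as an unexplained true/false at the call site; a named type or option would make the meaning of c.OCIAuth self-documenting where it is passed.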
Source: GitHub Commit Log
Detection Methods for CVE-2026-24845
Indicators of Compromise
- Unexpected outbound authentication requests to unknown registry endpoints
- Docker credential access logs showing authentication to unfamiliar domains
- Network connections from malcontent processes to non-standard registry URLs
- Registry authentication tokens appearing in unexpected network traffic
Detection Strategies
- Monitor for WWW-Authenticate header redirects to external domains during OCI operations
- Implement network-level detection for credential-bearing HTTP requests to untrusted endpoints
- Audit malcontent command invocations with OCI image references pointing to unknown registries
- Deploy endpoint detection to identify credential exfiltration patterns
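The token-auth redirect described under Vulnerability Analysis and the WWW-Authenticate monitoring suggested above, as an added Go example that is not malcontent's or go-containerregistry's own code: it parses a registry's Bearer challenge and flags any realm that would carry credentials off the registry host or over plain HTTP. The header strings and host names are constructed for illustration; trustedRealmHosts is a hypothetical allowlist for registries whose token service legitimately lives on a different host.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// splitParams splits `a="x,y",b="z"` on commas that sit outside quotes.
func splitParams(s string) []string {
	parts, inQuote, start := []string(nil), false, 0
	for i, c := range s {
		if c == '"' {
			inQuote = !inQuote
		} else if c == ',' && !inQuote {
			parts, start = append(parts, s[start:i]), i+1
		}
	}
	return append(parts, s[start:])
}

// ParseBearerChallenge maps `Bearer realm="...",service="...",scope="..."` to lower-cased keys.
func ParseBearerChallenge(header string) (map[string]string, error) {
	scheme, rest, _ := strings.Cut(strings.TrimSpace(header), " ")
	if !strings.EqualFold(scheme, "Bearer") {
		return nil, fmt.Errorf("unsupported challenge scheme %q", scheme)
	}
	params := map[string]string{}
	for _, p := range splitParams(rest) {
		if k, v, ok := strings.Cut(strings.TrimSpace(p), "="); ok {
			params[strings.ToLower(k)] = strings.Trim(v, `"`)
		}
	}
	return params, nil
}

// RealmSuspicious is true when following the challenge would send credentials over plain
// HTTP or to a host that is neither the registry nor an explicitly trusted token host.
func RealmSuspicious(registryHost, realm string, trustedRealmHosts []string) bool {
	u, err := url.Parse(realm)
	if err != nil || u.Scheme != "https" {
		return true // missing, malformed or plaintext realm
	}
	for _, h := range append([]string{registryHost}, trustedRealmHosts...) {
		if strings.EqualFold(u.Host, h) {
			return false
		}
	}
	return true
}
```

Run it over WWW-Authenticate headers captured by an egress proxy during OCI scans; Docker Hub's registry-1.docker.io legitimately answers with a realm on auth.docker.io, so such known pairs belong in the allowlist rather than being raised as findings.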
Monitoring Recommendations
- Enable verbose logging for malcontent OCI operations to track authentication flows
- Implement network egress monitoring for container registry authentication traffic
- Configure alerts for Docker credential file access by malcontent processes
- Monitor for DNS queries to suspicious registry domains during malcontent execution
How to Mitigate CVE-2026-24845
Immediate Actions Required
- Upgrade malcontent to version 1.20.3 or later immediately
- Review recent malcontent scan logs for OCI image references from untrusted sources
- Rotate Docker registry credentials if potentially exposed
- Restrict malcontent OCI scanning to trusted registry sources until patched
Patch Information
Version 1.20.3 fixes the issue by defaulting to anonymous authentication for OCI pulls. The patch introduces an explicit ociAuthFlag that must be enabled if authenticated registry access is required.
For detailed patch information, see the GitHub Security Advisory and the security commit.
Workarounds
- Avoid scanning OCI images from untrusted registries until patched
- Isolate malcontent execution in environments without Docker credential access
- Use network segmentation to prevent credential exfiltration to external endpoints
- Remove or restrict Docker credential keychain access for malcontent processes
# Configuration example - Remove Docker credentials before scanning untrusted images
# Back up existing credentials and guarantee they are restored even if the scan fails
mv ~/.docker/config.json ~/.docker/config.json.bak
trap 'mv ~/.docker/config.json.bak ~/.docker/config.json' EXIT
# Run malcontent scan without credentials
malcontent scan --oci untrusted-image:tag
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

