The Key to the Kingdom: SSRF in Sigstore Rekor
Vulnerability ID: CVE-2026-24117
CVSS Score: 9.1
Published: 2026-01-22
A 'convenient' feature in Sigstore's Rekor transparency log turned into a classic Server-Side Request Forgery hole. By allowing the server to fetch public keys via URL, developers inadvertently handed attackers a flashlight to explore their internal networks.
TL;DR
Rekor's /api/v1/index/retrieve endpoint allowed users to submit a URL for the server to fetch a public key. This resulted in a Blind SSRF vulnerability. Attackers could force the Rekor server to make requests to internal resources (like AWS metadata or Kubernetes APIs). The fix was a breaking change: the server no longer fetches URLs; the client must download the key first and send the bytes.
⚠️ Exploit Status: POC
Technical Details
- CWE ID: CWE-918
- Vulnerability Type: Blind SSRF
- CVSS (Estimated): 9.1 (Critical)
- Attack Vector: Network
- Privileges Required: None
- Breaking Change: Yes (API Field Removed)
Affected Systems
- Sigstore Rekor Server < v1.5.0
- Kubernetes clusters hosting vulnerable Rekor instances
- Cloud environments (AWS/GCP) exposing metadata services to Rekor pods
- sigstore/rekor: < 1.5.0 (Fixed in: 1.5.0)
Code Analysis
Commit: 60ef2bc
feat: remove url from search index public key to prevent SSRF
Field removed from the search index publicKey schema (flattened from the OpenAPI definition):
- url:
  - type: string
  - format: strfmt
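To make the fix concrete, here is an added example (not Rekor's code; request shapes, function names and the sample key are assumptions) that puts the two handler shapes side by side: a legacy handler in which the caller's `publicKey.url` reaches `http.Get` on the server, and a fixed handler that accepts only the PEM bytes the client already downloaded and rejects any request still carrying a `url` field.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"encoding/json"
	"encoding/pem"
	"errors"
	"fmt"
	"io"
	"net/http"
)

// Request shapes are assumptions modelled on the advisory, not Rekor's types:
// the old schema let the client name a url for the server to fetch, the fixed
// schema accepts only PEM content the client already downloaded.
type legacyRequest struct {
	PublicKey struct {
		URL     string `json:"url,omitempty"`
		Content string `json:"content,omitempty"`
	} `json:"publicKey"`
}

type fixedRequest struct {
	PublicKey struct {
		Content string `json:"content"`
	} `json:"publicKey"`
}

// parsePublicKey only ever touches bytes that are already in the request body.
func parsePublicKey(pemText string) error {
	block, _ := pem.Decode([]byte(pemText))
	if block == nil || block.Type != "PUBLIC KEY" {
		return errors.New("expected a PEM PUBLIC KEY block")
	}
	_, err := x509.ParsePKIXPublicKey(block.Bytes)
	return err
}

// LegacyRetrieve has the CWE-918 shape: a caller-chosen URL reaches http.Get
// on the server, so the server's network position becomes the caller's.
// It returns the HTTP status the handler would answer with.
func LegacyRetrieve(body []byte) int {
	var req legacyRequest
	if err := json.Unmarshal(body, &req); err != nil {
		return http.StatusBadRequest
	}
	pemText := req.PublicKey.Content
	if req.PublicKey.URL != "" {
		resp, err := http.Get(req.PublicKey.URL) // SSRF sink: destination chosen by the caller
		if err != nil {
			return http.StatusBadRequest
		}
		defer resp.Body.Close()
		raw, _ := io.ReadAll(io.LimitReader(resp.Body, 1<<20))
		pemText = string(raw)
	}
	if err := parsePublicKey(pemText); err != nil {
		return http.StatusBadRequest
	}
	return http.StatusOK
}

// FixedRetrieve follows the 1.5.0 approach the advisory describes: no fetch at
// all. DisallowUnknownFields makes a request that still carries a url field
// fail closed instead of being silently ignored.
func FixedRetrieve(body []byte) int {
	dec := json.NewDecoder(bytes.NewReader(body))
	dec.DisallowUnknownFields()
	var req fixedRequest
	if err := dec.Decode(&req); err != nil {
		return http.StatusBadRequest
	}
	if err := parsePublicKey(req.PublicKey.Content); err != nil {
		return http.StatusBadRequest
	}
	return http.StatusOK
}

// SamplePublicKeyPEM generates a throwaway P-256 key so the example runs offline.
func SamplePublicKeyPEM() string {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	der, err := x509.MarshalPKIXPublicKey(&priv.PublicKey)
	if err != nil {
		panic(err)
	}
	return string(pem.EncodeToMemory(&pem.Block{Type: "PUBLIC KEY", Bytes: der}))
}

func main() {
	good, _ := json.Marshal(map[string]interface{}{"publicKey": map[string]string{"content": SamplePublicKeyPEM()}})
	withURL := []byte(`{"publicKey":{"url":"http://example.invalid/key.pem"}}`)
	fmt.Println("content only:", FixedRetrieve(good))   // 200
	fmt.Println("url supplied:", FixedRetrieve(withURL)) // 400
}
```

The important design choice is that the fixed path never has a network call to misuse: the key is parsed from the request body and nothing else. Rejecting unknown fields is a small extra that makes the breaking change visible to clients that have not yet been updated, rather than letting their `url` be dropped on the floor.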
Exploit Details
- Manual: Payload construction involves simple JSON manipulation of the publicKey.url field.
Mitigation Strategies
- Disable the Retrieve API endpoint
- Network Segmentation (Egress filtering)
- Upgrade to fixed version
Remediation Steps:
- Upgrade Sigstore Rekor to version v1.5.0 or later.
- If immediate upgrade is not possible, start the Rekor server with the flag --enable_retrieve_api=false to disable the vulnerable endpoint.
- Audit logs for requests to /api/v1/index/retrieve with suspicious URLs in the payload.
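The audit step above is easy to automate. The following is an added example (not part of the advisory or of Rekor) that scans newline-delimited JSON access-log lines and flags retrieve requests whose `publicKey.url` points at loopback, link-local, private or unspecified addresses, or uses a non-https scheme. The log format, field names and sample lines are constructed for the example; a gateway that logs the decoded request body would need to be mapped onto the `retrieveLogEntry` struct.

```go
package main

import (
	"bufio"
	"encoding/json"
	"fmt"
	"net"
	"net/url"
	"strings"
)

// One JSON object per line, as an API gateway that logs the decoded
// publicKey.url of each request body might emit. This format is an assumption
// for the example, not Rekor's own log format.
type retrieveLogEntry struct {
	Time   string `json:"time"`
	Src    string `json:"src"`
	Method string `json:"method"`
	Path   string `json:"path"`
	KeyURL string `json:"publicKeyUrl"`
}

// Finding is one request worth a second look.
type Finding struct {
	Time   string
	Src    string
	KeyURL string
	Reason string
}

// Constructed sample log: one benign fetch, three internal destinations and
// one request to an unrelated endpoint that must be ignored.
const SampleLog = `{"time":"2026-01-23T10:00:00Z","src":"203.0.113.7","method":"POST","path":"/api/v1/index/retrieve","publicKeyUrl":"https://keys.example.com/ci-signer.pem"}
{"time":"2026-01-23T10:00:05Z","src":"203.0.113.7","method":"POST","path":"/api/v1/index/retrieve","publicKeyUrl":"http://169.254.10.20/"}
{"time":"2026-01-23T10:00:09Z","src":"203.0.113.7","method":"POST","path":"/api/v1/index/retrieve","publicKeyUrl":"http://10.0.0.5:8080/"}
{"time":"2026-01-23T10:00:12Z","src":"198.51.100.2","method":"POST","path":"/api/v1/log/entries","publicKeyUrl":""}
{"time":"2026-01-23T10:00:15Z","src":"203.0.113.7","method":"POST","path":"/api/v1/index/retrieve","publicKeyUrl":"http://localhost:8080/"}
`

// suspiciousURL classifies a publicKey.url value. Host checks run before the
// scheme check so the most specific reason wins. Hostnames that are not IP
// literals are not flagged here; they would need resolution to judge.
func suspiciousURL(raw string) (string, bool) {
	u, err := url.Parse(raw)
	if err != nil || u.Host == "" {
		return "unparseable or hostless url", true
	}
	host := strings.ToLower(u.Hostname())
	if host == "localhost" {
		return "loopback host", true
	}
	if ip := net.ParseIP(host); ip != nil {
		switch {
		case ip.IsLoopback():
			return "loopback address", true
		case ip.IsLinkLocalUnicast():
			return "link-local address (cloud metadata range)", true
		case ip.IsPrivate():
			return "private address", true
		case ip.IsUnspecified():
			return "unspecified address", true
		}
	}
	if u.Scheme != "https" {
		return "non-https scheme " + u.Scheme, true
	}
	return "", false
}

// AuditRetrieveLog scans newline-delimited JSON log lines and returns the
// retrieve requests whose key URL points at an internal destination.
func AuditRetrieveLog(lines string) []Finding {
	var findings []Finding
	sc := bufio.NewScanner(strings.NewReader(lines))
	for sc.Scan() {
		line := strings.TrimSpace(sc.Text())
		if line == "" {
			continue
		}
		var e retrieveLogEntry
		if err := json.Unmarshal([]byte(line), &e); err != nil {
			continue // malformed line; a real deployment would count these
		}
		if e.Path != "/api/v1/index/retrieve" || e.KeyURL == "" {
			continue
		}
		if reason, bad := suspiciousURL(e.KeyURL); bad {
			findings = append(findings, Finding{Time: e.Time, Src: e.Src, KeyURL: e.KeyURL, Reason: reason})
		}
	}
	return findings
}

func main() {
	for _, f := range AuditRetrieveLog(SampleLog) {
		fmt.Printf("%s  %-14s %-40s %s\n", f.Time, f.Src, f.KeyURL, f.Reason)
	}
}
```

Run over the sample, the scan reports the link-local, private and localhost requests and leaves the public https fetch and the unrelated endpoint alone. The same classification logic doubles as a checklist for the egress-filtering mitigation: the address families it flags are the ones the Rekor pod's network policy should block outright.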
References
Read the full report for CVE-2026-24117 on our website for more details including interactive diagrams and full exploit analysis.