CVE-2026-48978
LOW SEVERITYVulnerability Description
oras-go: Malicious registry can hijack Bearer token realm to exfiltrate credentials and refresh tokens
Vulnerability Details
Published Date
Last Modified
Source
GitHub
Vendor
go
Product
oras.land/oras-go/v2
Discussion (0)
Add Comment
No comments yet. Be the first!