Back to CVE List

CVE-2026-48978

LOW SEVERITY

Vulnerability Description

oras-go: Malicious registry can hijack Bearer token realm to exfiltrate credentials and refresh tokens

Vulnerability Details

Published Date
Last Modified
Source
GitHub
Vendor
go
Product
oras.land/oras-go/v2

External References

Discussion (0)

Add Comment

No comments yet. Be the first!