diff --git a/pkg/attestation/crafter/materials/helmchart.go b/pkg/attestation/crafter/materials/helmchart.go
index 417933003..1dfdc3b0f 100644
--- a/pkg/attestation/crafter/materials/helmchart.go
+++ b/pkg/attestation/crafter/materials/helmchart.go
@@ -19,6 +19,7 @@ import (
 	"archive/tar"
 	"compress/gzip"
 	"context"
+	"errors"
 	"fmt"
 	"io"
 	"os"
@@ -121,12 +122,12 @@ func (c *HelmChartCrafter) craftLocalHelmChart(ctx context.Context, filepath str
 		// it was compressed from. So, we can check if the file name contains the required file names
 		// Ex: helm-chart/Chart.yaml, helm-chart/values.yaml
 		if strings.Contains(header.Name, chartFileName) {
-			if err := c.validateYamlFile(tarReader); err != nil {
+			if err := c.validateYamlFile(tarReader, false); err != nil {
 				return nil, fmt.Errorf("invalid Chart.yaml file: %w", err)
 			}
 			chartFileValid = true
 		} else if strings.Contains(header.Name, chartValuesYamlFileName) {
-			if err := c.validateYamlFile(tarReader); err != nil {
+			if err := c.validateYamlFile(tarReader, true); err != nil {
 				return nil, fmt.Errorf("invalid values.yaml file: %w", err)
 			}
 			chartValuesValid = true
@@ -148,9 +149,14 @@ func (c *HelmChartCrafter) craftLocalHelmChart(ctx context.Context, filepath str
 }
 
 // validateYamlFile validates the YAML file just by trying to unmarshal it
-func (c *HelmChartCrafter) validateYamlFile(r io.Reader) error {
+func (c *HelmChartCrafter) validateYamlFile(r io.Reader, allowEmpty bool) error {
 	v := make(map[string]interface{})
 	if err := yaml.NewDecoder(r).Decode(v); err != nil {
+		// io.EOF means the file is empty or contains only comments
+		// This is valid for values.yaml
+		if errors.Is(err, io.EOF) && allowEmpty {
+			return nil
+		}
 		return fmt.Errorf("failed to unmarshal YAML file: %w", err)
 	}
 
diff --git a/pkg/attestation/crafter/materials/helmchart_test.go b/pkg/attestation/crafter/materials/helmchart_test.go
index 66af7c58b..9799806a5 100644
--- a/pkg/attestation/crafter/materials/helmchart_test.go
+++ b/pkg/attestation/crafter/materials/helmchart_test.go
@@ -102,6 +102,12 @@ func TestHelmChartCraft(t *testing.T) {
 			wantDigest:   "sha256:08a46a850789938ede61d6a53552f48cb8ba74c4e17dcf30c9c50e5783ca6a13",
 			wantFilename: "valid-chart.tgz",
 		},
+		{
+			name:         "chart with empty values.yaml",
+			filePath:     "./testdata/empty-values.tgz",
+			wantDigest:   "sha256:6c5bc910da7ecb00aa1c7be70e51db237d129e3f41ff6ada1d11ea402ff7082e",
+			wantFilename: "empty-values.tgz",
+		},
 	}
 
 	assert := assert.New(t)
diff --git a/pkg/attestation/crafter/materials/testdata/empty-values.tgz b/pkg/attestation/crafter/materials/testdata/empty-values.tgz
new file mode 100644
index 000000000..908224310
Binary files /dev/null and b/pkg/attestation/crafter/materials/testdata/empty-values.tgz differ