Skip to content

CVE lookup

CVE-2026-23958

Pruva has a verified reproduction for CVE-2026-23958: DataEase: authentication bypass via password-derived HMAC JWT signing key. The canonical evidence record is REPRO-2026-00168.

REPRO

REPRO-2026-00168

Package

dataease · github

Severity

HIGH

Status

published