CVE-2026-41042: Apache Gravitino unauthenticated H2 JDBC URL injection via testConnection API
CVE-2026-41042 is verified against apache/gravitino · github affected versions: Apache Gravitino before 1.2.1 fixed version: 1.2.1 This low reproduction includes runnable sandbox proof, artifacts, and a plain-text agent view under REPRO-2026-00276.
pruva-verify REPRO-2026-00276 curl -O https://pruva.dev/api/v1/reproductions/REPRO-2026-00276/artifacts/bundle/repro/reproduction_steps.sh && chmod +x reproduction_steps.sh && ./reproduction_steps.sh Unauthenticated callers can supply a malicious H2 JDBC URL through the testConnection API (or catalog creation) that executes arbitrary Java code on the server via H2's INIT parameter. The vulnerability is in DataSourceUtils.createDataSource() in gravitino-catalog-jdbc-common, which is the entry point for all user-facing catalog JDBC connections and did not validate/block H2 URLs or H2 driver class names. H2's INIT parameter allows arbitrary SQL (and Java code via CREATE ALIAS) to execute at connection time. Affects Apache Gravitino before 1.2.1.
Variant analysis
The agent's step-by-step process — every tool call, every handoff, the moment the exploit fired. Phases: support triages the advisory · repro reproduces it · vuln_variant confirms the fix blocks it · judge verifies.
Loading session...
Scripts, logs, diffs, and output captured during the reproduction.