Skip to content
Verified reproduction

CVE-2026-41042: Apache Gravitino unauthenticated H2 JDBC URL injection via testConnection API

CVE-2026-41042 is verified against apache/gravitino · github affected versions: Apache Gravitino before 1.2.1 fixed version: 1.2.1 This low reproduction includes runnable sandbox proof, artifacts, and a plain-text agent view under REPRO-2026-00276.

REPRO-2026-00276 apache/gravitino · github Variant found Jul 9, 2026 .txt
Severity LOW
Confidence HIGH
Reproduced in 22m 47s
Tool calls 308
Spend $5.32
Affected Apache Gravitino before 1.2.1
Fixed in 1.2.1
$ pruva-verify REPRO-2026-00276
or curl -O https://pruva.dev/api/v1/reproductions/REPRO-2026-00276/artifacts/bundle/repro/reproduction_steps.sh && chmod +x reproduction_steps.sh && ./reproduction_steps.sh
Run in a VM or disposable container. This exploits a real vulnerability.
02 · The vulnerability

Unauthenticated callers can supply a malicious H2 JDBC URL through the testConnection API (or catalog creation) that executes arbitrary Java code on the server via H2's INIT parameter. The vulnerability is in DataSourceUtils.createDataSource() in gravitino-catalog-jdbc-common, which is the entry point for all user-facing catalog JDBC connections and did not validate/block H2 URLs or H2 driver class names. H2's INIT parameter allows arbitrary SQL (and Java code via CREATE ALIAS) to execute at connection time. Affects Apache Gravitino before 1.2.1.

03 · Root cause
Variant analysis
04 · Reproduction transcript

The agent's step-by-step process — every tool call, every handoff, the moment the exploit fired. Phases: support triages the advisory · repro reproduces it · vuln_variant confirms the fix blocks it · judge verifies.

Loading session...

05 · Artifacts

Scripts, logs, diffs, and output captured during the reproduction.