The catalog
Browse Reproductions
189 verified reproductions
Popular records
Top viewed reproduction records
Frequently opened evidence pages with direct links to runnable proof and permanent REPRO IDs.
REPRO-2026-00281 Apache Kafka SASL/OAUTHBEARER accepts unvalidated JWTs REPRO-2026-00222 SimpleHelp OIDC authentication accepts unsigned/forged ID tokens, enabling remote authentication bypass and possible MFA bypass in versions 5.5.15 and earlier and 6.0 prereleases prior to the fixed release. REPRO-2026-00259 iCagenda unauthenticated file upload RCE in public event submission form REPRO-2026-00275 Coolify terminal WebSocket endpoints lack proper authorization checks, allowing low-privileged members to access terminal functionality and achieve remote command execution on managed hosts. REPRO-2026-00223 phpBB authentication bypass/account hijacking via OAuth login-link flow with arbitrary auth_provider=apache REPRO-2026-00258 Cudy LT300 3.0 OS command injection
189 reproductions
REPRO-2026-00245 published
Coolify authenticated command injection in Destination Network Management
CVE-2026-34594 high Security
Variant found
coollabsio/coolify
50m 51s Jul 6, 2026
REPRO-2026-00244 published
Feast Feature Server unauthenticated arbitrary file write to RCE
CVE-2026-23537 critical Security
Variant found
github
feast-dev/feast
37m 2s Jul 6, 2026
REPRO-2026-00243 published
Keycloak JWT algorithm confusion privilege escalation
CVE-2026-11800 high Security
Variant found
github
keycloak/keycloak
46m 0s Jul 6, 2026
REPRO-2026-00242 published
SMS Alert WordPress plugin <= 3.9.5 allows unauthenticated attackers to change a user’s email and reset their password, leading to account takeover and privilege escalation when OTP password reset verification is enabled.
CVE-2026-11387 critical Security
Variant found
WordPress plugin (hosted on WordPress.org SVN, not GitHub)
sms-alert
22m 56s Jul 6, 2026
REPRO-2026-00241 published
SALESmanago & Leadoo WordPress plugin SQL injection
CVE-2026-10835 high Security
Variant found
Unknown/SALESmanago & Leadoo
50m 2s Jul 6, 2026
REPRO-2026-00240 published
Langflow OSS SSRF and privilege escalation
CVE-2026-10129 high Security
Variant found
langflow/langflow
56m 49s Jul 6, 2026
REPRO-2026-00239 published
WP Review Slider Pro SQL injection
CVE-2026-8441 high Security
Variant found
https://wpreviewslider.com//WP Review Slider Pro
42m 0s Jul 6, 2026
REPRO-2026-00238 published
OpenBMB ChatDev unauthenticated path traversal file upload
CVE-2026-58166 critical Security
Variant found
github
OpenBMB/ChatDev
28m 27s Jul 6, 2026
REPRO-2026-00237 published
OpenZiti privilege escalation via overpermissive enrollment creation
CVE-2026-58165 high Security
Variant found
OpenZiti
22m 39s Jul 6, 2026
REPRO-2026-00236 published
Orkes Conductor unauthenticated RCE via inline script evaluators
CVE-2026-58138 critical Security
Variant found
conductor-oss/conductor (Orkes Conductor OSS)
24m 53s Jul 6, 2026
REPRO-2026-00235 published
PACSgear PACS Scan unauthenticated remote code execution
CVE-2026-58126 critical Security
Variant found
Hyland/PACSgear PACS Scan
64m 7s Jul 6, 2026
REPRO-2026-00234 published
Blocksy Companion Pro unauthenticated remote code execution
CVE-2026-57624 critical Security
Variant found
Creative Themes/Blocksy Companion Pro
37m 0s Jul 6, 2026
REPRO-2026-00233 published
Grav CMS unsafe deserialization and command injection RCE
CVE-2026-56700 critical Security
Variant found
getgrav/grav (Composer)
53m 20s Jul 6, 2026
REPRO-2026-00232 published
Page Builder CK unauthenticated arbitrary file upload to RCE
CVE-2026-56290 critical Security
Variant found
joomlack/page_builder_ck
23m 44s Jul 6, 2026
REPRO-2026-00231 published
HTTP/2 request smuggling in Vinyl Cache and Varnish Cache (VSV00019)
CVE-2026-50052 low Security
Variant found
github
varnish/varnish
28m 5s Jul 6, 2026
REPRO-2026-00230 published
Widget Options WordPress plugin contributor remote code execution
CVE-2026-54823 critical Security
Variant found
MarketingFire/Widget Options
28m 45s Jul 6, 2026
REPRO-2026-00229 published
CivetWeb PUT + SSI #exec RCE
CVE-VINEXT-CIVETWEB-PUT-SSI-RCE high Security
Variant found
github
civetweb/civetweb
34m 27s Jul 4, 2026
REPRO-2026-00228 published
nginx charset module segfaults when charset_map uses utf-8 as source charset, causing a NULL pointer dereference and DoS.
high Security generic
nginx
9m 18s Jul 4, 2026
REPRO-2026-00227 published
Grafana unified storage IAM service account listing lacked RBAC filtering, allowing low-privileged users to enumerate service accounts.
high Security Go
grafana/grafana
31m 40s Jul 4, 2026
REPRO-2026-00226 published
Grafana IAM LIST authorization could be bypassed for folder-scoped CRDs when a user had wildcard resource permissions, returning `All: true` without folder-level checks.
high Security Go
grafana/grafana
22m 1s Jul 4, 2026