The catalog
Browse Reproductions
191 verified reproductions
Popular records
Top viewed reproduction records
Frequently opened evidence pages with direct links to runnable proof and permanent REPRO IDs.
REPRO-2026-00281 Apache Kafka SASL/OAUTHBEARER accepts unvalidated JWTs REPRO-2026-00222 SimpleHelp OIDC authentication accepts unsigned/forged ID tokens, enabling remote authentication bypass and possible MFA bypass in versions 5.5.15 and earlier and 6.0 prereleases prior to the fixed release. REPRO-2026-00259 iCagenda unauthenticated file upload RCE in public event submission form REPRO-2026-00275 Coolify terminal WebSocket endpoints lack proper authorization checks, allowing low-privileged members to access terminal functionality and achieve remote command execution on managed hosts. REPRO-2026-00223 phpBB authentication bypass/account hijacking via OAuth login-link flow with arbitrary auth_provider=apache REPRO-2026-00258 Cudy LT300 3.0 OS command injection
191 reproductions
REPRO-2026-00168 published
DataEase: authentication bypass via password-derived HMAC JWT signing key
CVE-2026-23958 high Security
Variant found
github
dataease
100m 11s May 25, 2026
REPRO-2026-00167 published
DataEase: Quartz JobStore Java deserialization RCE via QRTZ_JOB_DETAILS
CVE-2026-40901 high Security github
dataease
179m 9s May 25, 2026
REPRO-2026-00165 published
DataEase: JDBC parameter blocklist bypass via Lombok @Data setter exposure
CVE-2026-40899 medium Security
Variant found
github
dataease
111m 23s May 25, 2026
REPRO-2026-00160 published
Arelle: unauthenticated RCE via /rest/configure plugins URL parameter
CVE-2026-42796 critical Security
Variant found
pip
arelle
48m 18s May 23, 2026
REPRO-2026-00159 published
libheif: heap-buffer-overflow write decoding 1x4 grid of odd-height tiles
CVE-2026-32740 high Security
Variant found
c
libheif
41m 53s May 23, 2026
REPRO-2026-00158 published
goshs: PUT upload accepts cross-origin requests without CSRF token
CVE-2026-42091 medium Security
Variant found
go
github.com/patrickhener/goshs
35m 17s May 23, 2026
REPRO-2026-00157 published
Fiber v3: cache middleware key collision leaks responses across different query strings
CVE-2026-30246 medium Security
Variant found
go
github.com/gofiber/fiber/v3
27m 11s May 23, 2026
REPRO-2026-00156 published
Yii2: local file inclusion via View::renderPhpFile extract() of caller-controlled params
CVE-2026-39850 high Security
Variant found
composer
yiisoft/yii2
15m 11s May 23, 2026
REPRO-2026-00155 published
gitoxide (gix-fs): symlink worktree escape on checkout writes files outside the worktree
CVE-2026-44471 high Security
Variant found
cargo
gix-fs
33m 22s May 22, 2026
REPRO-2026-00153 published
Jupyter Server: path traversal via faulty startswith() root containment check
CVE-2026-35397 high Security
Variant found
pip
jupyter-server
25m 14s May 22, 2026
REPRO-2026-00152 published
apko: symlink-following path traversal writes files outside the build root
CVE-2026-42574 high Security
Variant found
go
apko
20m 23s May 22, 2026
REPRO-2026-00151 published
Twig: sandbox bypass via SourcePolicy filter check enables arbitrary PHP callables
CVE-2026-24425 high Security
Variant found
composer
twig/twig
13m 7s May 22, 2026
REPRO-2026-00150 published
PhpSpreadsheet: SSRF via unsafe stream wrapper in IOFactory::load()
CVE-2026-34084 critical Security
Variant found
composer
phpoffice/phpspreadsheet
12m 53s May 22, 2026
REPRO-2026-00149 published
PraisonAI: ZipSlip path traversal via unchecked tar symlink linkname in _safe_extractall
CVE-2026-44340 high Security
Variant found
pip
praisonai
17m 42s May 22, 2026
REPRO-2026-00148 published
Mistune: ReDoS via catastrophic backtracking in LINK_TITLE_RE
CVE-2026-33079 high Security
Variant found
pip
mistune
14m 50s May 22, 2026
REPRO-2026-00147 published
Faraday: SSRF via protocol-relative URL overriding base authority
CVE-2026-25765 medium Security
Variant found
rubygems
faraday
10m 15s May 22, 2026
REPRO-2026-00146 published
fast-uri: host confusion via percent-encoded authority delimiter in normalize()
CVE-2026-6322 high Security
Variant found
npm
fast-uri
10m 18s May 22, 2026
REPRO-2026-00145 published
fast-uri: path traversal via percent-encoded segments decoded before normalization
CVE-2026-6321 high Security
Variant found
npm
fast-uri
10m 8s May 22, 2026
REPRO-2026-00144 published
phpMyFAQ: unauthenticated SQL injection via User-Agent header in captcha API
CVE-2026-46364 critical Security
Variant found
composer
thorsten/phpmyfaq
62m 14s May 22, 2026
REPRO-2026-00143 published
@wdio/browserstack-service: OS command injection via crafted git branch name
CVE-2026-25244 critical Security
Variant found
npm
@wdio/browserstack-service
59m 49s May 22, 2026