{
  "cve": "CVE-2026-5199",
  "description": "Temporal Server batcher worker cross-namespace authorization bypass",
  "reproduction_method": "Real Temporal server (SQLite in-memory) with forged BatchOperationInput injected via StartWorkflowExecution to temporal-sys-batch-workflow-protobuf",
  "vulnerable_version": "v1.29.4",
  "fixed_version": "v1.29.5",
  "vulnerable_test_result": "pass",
  "fixed_test_result": "fail",
  "vulnerability_confirmed": true,
  "fix_verified": true,
  "logs": {
    "vulnerable_repro": "/root/.pruva/runs/cve-2026-5199-batcher_20260528-160814/logs/vuln_repro.log",
    "fixed_repro": "/root/.pruva/runs/cve-2026-5199-batcher_20260528-160814/logs/fix_repro.log"
  }
}