Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.cveplayground.com/llms.txt

Use this file to discover all available pages before exploring further.

Most issues fall into one of four buckets: sandbox, sign in, lost progress, or a browser quirk. Start with the symptom that matches yours.

Sandbox issues

The sandbox does not start

The card shows starting for a long time, then flips to failed. Try retrying once. Cold starts occasionally miss; a single retry resolves it almost every time. If the second attempt also fails, wait a couple of minutes and try once more. Repeated failures after a few minutes usually mean the platform is under load or that specific lab has an infrastructure issue. Contact support with the lab CVE ID.

The sandbox is running but does not respond

The URL loads slowly or returns errors that are not part of the bug you are working on. Stop the sandbox and launch a new one. The new container is fresh. Most stuck states do not survive a restart. If the second container has the same problem, the lab itself may be broken; report it.

The sandbox URL works but the bug does not fire

You ran the reproduction exactly as described and nothing happens. A few things to check:
  • Are you on the right lab page? It is easy to have two open and run the reproduction against the wrong sandbox.
  • Did you copy the payload cleanly? Some terminals or PDF readers replace characters silently (smart quotes for plain quotes, em-dashes for double dashes). Retype the payload by hand.
  • Restart the sandbox. If you have already exploited the bug once in a way that crashed something, the second attempt might fail because the app is in a weird state.
If you have done all three and the bug still does not fire, contact support with the CVE ID. The reproduction in the lab might be out of date.

The sandbox expired in the middle of work

Time budget ran out. The container is gone. Launch a new one. Your question progress is saved against your account, not against the sandbox; you have not lost any answers.

Sign in issues

Auth0 throws an error

The landing page shows a banner with an error message after you tried to sign in. The most common causes:
  • You cancelled the flow halfway through. Try again.
  • You denied permissions on a social login. Try again and grant them this time, or use a different login method.
  • Your password is wrong. Use the Auth0 reset link.
  • 2FA failed. Make sure your authenticator app is on the correct time.
If the error message is something cryptic and unhelpful, copy the full message and send it to support.

The handle picker says my handle is taken

It probably is. Try a variant, or one of the suggestions. If the handle you want is on a long inactive account, that is not enough to free it. The only way a handle becomes available again is if the account is deleted.

I get signed out unexpectedly

Auth0 sessions usually last for weeks. If you are getting bounced back to the sign in screen mid session, the most likely cause is your browser clearing cookies, third party cookie blocking, or strict privacy settings. If you are on Safari and using Private Relay or Hide My Email, those features can interfere with Auth0. Try a regular browser session to confirm.

Lost progress

A lab I finished is showing as in progress

This should not happen. If it does, send the CVE ID to support. Question completion is recorded server side and should be durable. In the meantime: the lab data itself is fine. You can re-answer the questions if you want, but it will not give you XP again (XP only awards on the first correct attempt).

My streak reset and I think I worked yesterday

The most common cause: time zone. The streak rolls over in your configured time zone, which defaults to UTC. If you set the time zone correctly, the streak math lines up with the days you actually worked. If the time zone is right and the streak still reset incorrectly, contact support.

My XP went down

XP does not go down. If the number on your profile is lower than it was, refresh the page; you are probably looking at a cached number. If it is still lower after a refresh, that is a real bug; report it.

Browser quirks

The page renders weirdly

The platform supports current versions of Chrome, Firefox, Safari, and Edge. Older browsers (more than a year out of date) may render layouts badly. If you are on a current browser and something looks broken, a hard refresh (Ctrl+Shift+R or Cmd+Shift+R) clears the local cache and usually fixes it.

Dark mode is doing something strange

The platform follows your system theme by default. If you want to override it, that is in settings on the roadmap; today, change your OS theme.

Browser extensions break the app

Some content blockers and privacy extensions over-block. Common offenders:
  • Ad blockers that block Sentry or Microsoft Clarity. The platform still works, but error reports do not reach the team.
  • Privacy extensions that block Auth0 cookies. Sign in fails.
  • Extensions that modify pages (dark reader, etc.) can break the markdown renderer.
If something is misbehaving, try a private window with no extensions. If the issue goes away, an extension is the cause.

Contacting support

If none of the above works, contact@cveplayground.com. Useful information to include:
  • Your handle.
  • The CVE ID of the lab or challenge involved.
  • The browser and operating system.
  • A screenshot of any error message.
  • What you expected versus what happened.
Support responds within a day or two for most issues.

Sandboxes

How sandboxes are supposed to work.

FAQ

Common questions about the platform.