Lucene search
K

1358 matches found

ATTACKERKB
ATTACKERKB
β€’added 2026/06/02 8:34 p.m.β€’13 views

CVE-2026-49144

BrowserStack Runner through 0.9.5 contains a path traversal vulnerability in the default HTTP handler in lib/server.js that allows unauthenticated network-adjacent attackers to read arbitrary files. Attackers can exploit the unauthenticated HTTP server bound on all interfaces to traverse outside...

7.1CVSS5.9AI score0.00208EPSS
Exploits0References3
CVE
CVE
β€’added 2026/06/02 8:34 p.m.β€’28 views

CVE-2026-49144

CVE-2026-49144 : BrowserStack Runner 0.9.5 contains a path traversal vulnerability in the _default HTTP handler (lib/server.js) that allows unauthenticated attackers on the network-adjacent interface to read arbitrary files outside the project root. The description notes an unauthenticated HTTP s...

7.1CVSS5.9AI score0.00208EPSS
Exploits0References2
Vulnrichment
Vulnrichment
β€’added 2026/06/02 8:34 p.m.β€’13 views

CVE-2026-49144 BrowserStack Runner 0.9.5 Path Traversal via _default HTTP Handler

BrowserStack Runner through 0.9.5 contains a path traversal vulnerability in the default HTTP handler in lib/server.js that allows unauthenticated network-adjacent attackers to read arbitrary files. Attackers can exploit the unauthenticated HTTP server bound on all interfaces to traverse outside...

7.1CVSS5.9AI score0.00208EPSS
Exploits0References2
Cvelist
Cvelist
β€’added 2026/06/02 8:34 p.m.β€’42 views

CVE-2026-49144 BrowserStack Runner 0.9.5 Path Traversal via _default HTTP Handler

BrowserStack Runner through 0.9.5 contains a path traversal vulnerability in the default HTTP handler in lib/server.js that allows unauthenticated network-adjacent attackers to read arbitrary files. Attackers can exploit the unauthenticated HTTP server bound on all interfaces to traverse outside...

7.1CVSS0.00208EPSS
Exploits0References2
Vulnrichment
Vulnrichment
β€’added 2026/06/02 8:31 p.m.β€’9 views

CVE-2026-49143 BrowserStack Runner 0.9.5 Unauthenticated RCE via /_log HTTP Handler

BrowserStack Runner through 0.9.5 contains a remote code execution vulnerability in the /log HTTP handler that allows unauthenticated network-adjacent attackers to execute arbitrary code by submitting crafted JSON request bodies to the handler, which passes user-supplied data to vm.runInNewContex...

8.8CVSS6.7AI score0.00392EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
β€’added 2026/06/02 8:31 p.m.β€’14 views

CVE-2026-49143

BrowserStack Runner through 0.9.5 contains a remote code execution vulnerability in the /log HTTP handler that allows unauthenticated network-adjacent attackers to execute arbitrary code by submitting crafted JSON request bodies to the handler, which passes user-supplied data to vm.runInNewContex...

8.8CVSS6.7AI score0.00392EPSS
Exploits0References3
CVE
CVE
β€’added 2026/06/02 8:31 p.m.β€’45 views

CVE-2026-49143

CVE-2026-49143 affects BrowserStack Runner up to version 0.9.5. The vulnerability is in the /_log HTTP handler, permitting unauthenticated, network-adjacent attackers to achieve remote code execution by sending crafted JSON bodies that are passed to vm.runInNewContext() with eval(); attackers can...

8.8CVSS6.7AI score0.00392EPSS
Exploits0References2
Cvelist
Cvelist
β€’added 2026/06/02 8:31 p.m.β€’39 views

CVE-2026-49143 BrowserStack Runner 0.9.5 Unauthenticated RCE via /_log HTTP Handler

BrowserStack Runner through 0.9.5 contains a remote code execution vulnerability in the /log HTTP handler that allows unauthenticated network-adjacent attackers to execute arbitrary code by submitting crafted JSON request bodies to the handler, which passes user-supplied data to vm.runInNewContex...

8.8CVSS0.00392EPSS
Exploits0References2
CNNVD
CNNVD
β€’added 2026/06/02 12:0 a.m.β€’4 views

BrowserStack Runner 代码注ε…₯漏洞

BrowserStack Runner is an open-source browser testing command-line tool developed by BrowserStack. Versions of BrowserStack Runner prior to 0.9.5 contained a code injection vulnerability. This vulnerability stems from the log HTTP handler, where data provided by users is passed to...

8.8CVSS6AI score0.00392EPSS
Exploits0References2
CNNVD
CNNVD
β€’added 2026/06/02 12:0 a.m.β€’7 views

BrowserStack Runner θ·―εΎ„ιεŽ†ζΌζ΄ž

BrowserStack Runner is an open-source browser testing command-line tool developed by BrowserStack. Versions of BrowserStack Runner prior to 0.9.5 contained a path traversal vulnerability. This vulnerability originated from the default HTTP handler in lib/server.js, which allowed for path traversa...

7.1CVSS5.5AI score0.00208EPSS
Exploits0References2
Positive Technologies
Positive Technologies
β€’added 2026/06/02 12:0 a.m.β€’18 views

PT-2026-45857

Name of the Vulnerable Software and Affected Versions BrowserStack Runner versions prior to 0.9.6 Description An issue in the / log HTTP handler allows unauthenticated network-adjacent attackers to execute arbitrary code on the host system. The handler processes JSON request bodies by passing...

8.8CVSS6.8AI score0.00392EPSS
Exploits0References8
vulnersOsv
vulnersOsv
β€’added 2026/06/01 2:15 p.m.β€’5 views

mahoraga (>=0.5.1 <=0.6.0), pixi-browse (>=0.0.1 <=0.0.13) +2 more potentially affected by CVE-2026-47425 via py-rattler (>=0.22.0 <=0.23.2)

py-rattler PYPI version =0.22.0, =0.5.1, =0.0.1, =0.1.0, =0.8.0 Source cves: CVE-2026-47425 Source advisory: OSV:GHSA-Q53Q-5R4J-5729...

5.7AI score0.00058EPSS
Exploits0
GithubExploit
GithubExploit
β€’added 2026/05/30 6:16 p.m.β€’121 views

cyanide

Cyanide By @zeroxjf β€” an iOS...

5.8AI score
Exploits0
Wolfi
Wolfi
β€’added 2026/05/30 1:48 a.m.β€’15 views

GHSA-WGQ9-QP63-G8J3 vulnerabilities

Vulnerabilities for packages: gitlab-runner...

5.8AI score
Exploits0
Wolfi
Wolfi
β€’added 2026/05/30 1:48 a.m.β€’19 views

GHSA-R38R-HVG8-XQHF vulnerabilities

Vulnerabilities for packages: gitlab-runner...

5.8AI score
Exploits0
Wolfi
Wolfi
β€’added 2026/05/30 1:48 a.m.β€’25 views

CVE-2026-8716 vulnerabilities

Vulnerabilities for packages: gitlab-runner...

4.3CVSS5.8AI score0.00187EPSS
Exploits0
Wolfi
Wolfi
β€’added 2026/05/30 1:48 a.m.β€’19 views

GHSA-5P55-QCQV-882W vulnerabilities

Vulnerabilities for packages: gitlab-runner...

5.8AI score
Exploits0
Wolfi
Wolfi
β€’added 2026/05/30 1:48 a.m.β€’25 views

CVE-2026-1402 vulnerabilities

Vulnerabilities for packages: gitlab-runner...

6.5CVSS5.8AI score0.00471EPSS
Exploits0
Wolfi
Wolfi
β€’added 2026/05/30 1:48 a.m.β€’19 views

CVE-2026-6713 vulnerabilities

Vulnerabilities for packages: gitlab-runner...

5.3CVSS5.8AI score0.00322EPSS
Exploits0
Chainguard
Chainguard
β€’added 2026/05/30 1:18 a.m.β€’19 views

GHSA-WGQ9-QP63-G8J3 vulnerabilities

Vulnerabilities for packages: gitlab-runner-fips, gitlab-cng, gitlab-rails-ce-fips, gitlab-rails-ce, gitlab-runner, gitlab-cng-fips...

5.9AI score
Exploits0
Rows per page
Query Builder