Astra Linux – Vulnerability in Firefox

The Remote Agent, used in WebDriver, did not validate the Host or Origin headers. This could have allowed websites to connect back locally to the user’s browser to control it. This bug only affected Firefox when WebDriver was enabled, which is not the default configuration.. This vulnerability...

Selenium Grid/Selenoid Unauthenticated RCE

Selenium Grid and Selenoid expose a WebDriver API that allows creating browser sessions with arbitrary capabilities. When deployed without authentication the default for both, an attacker can achieve remote code execution through two browser-specific techniques: For Chrome, the goog:chromeOptions...

@activepieces/piece-google-gemini (=0.1.6), @activepieces/piece-google-vertexai (=0.1.2) +9 more potentially affected by CVE-2026-33750 via brace-expansion (>=2.0.0 <=2.0.2)

brace-expansion NPM version =2.0.0, =0.2.1, =1.16.0, =1.0.1, =0.0.20, =15.0.0 - fluid-webdriver =1.1.2 - nx-cargo =1.0.0-alpha.2 Source cves: CVE-2026-33750 Source advisory: SNYK:JS-BRACEEXPANSION-15789759...

@activepieces/piece-google-gemini (=0.1.6), @activepieces/piece-google-vertexai (=0.1.2) +9 more potentially affected by CVE-2026-33750 via brace-expansion (>=2.0.0 <=2.0.2)

brace-expansion NPM version =2.0.0, =0.2.1, =1.16.0, =1.0.1, =0.0.20, =15.0.0 - fluid-webdriver =1.1.2 - nx-cargo =1.0.0-alpha.2 Source cves: CVE-2026-33750 Source advisory: OSV:GHSA-F886-M6HF-6M8V...

Astra Linux - уязвимость в zabbix

The webdriver for the Browser object expects an error object to be initialized when the webdriversessionquery function fails. But this function can fail for various reasons without an error description and then the wd-error will be NULL and trying to read from it will result in a crash...

EUVD-2025-176435

Malicious code in semantic-release-webdriver-mocha-holography-init npm...

EUVD-2025-179477

Malicious code in cryptography-webdriver-manager-schema-test npm...

EUVD-2025-175602

Malicious code in webdriver-mocha-nightwatch-cosmiconfig-despina npm...

Malicious code in procyon-spectron-webdriver-nestjs-gridsome (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26bbd9161c64afc49fa855f2f702c58f7550b71f364944f0224c1323aa0cd7e3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-176114

Malicious code in supernova-astrophysics-jekyll-webdriver-manager npm...

EUVD-2025-177438

Malicious code in ophiuchus-spectron-webdriver-sedna-halley npm...

EUVD-2025-175614

Malicious code in webdriver-manager-neptune-vulcan-scorpius npm...

EUVD-2025-176257

Malicious code in spectroscopy-webdriver-manager-await-bootstrap npm...

EUVD-2025-176105

Malicious code in supernova-webdriver-mocha-centauri-vega npm...

EUVD-2025-175608

Malicious code in webdriver-mocha-apollo-server-shelljs npm...

EUVD-2025-175615

Malicious code in webdriver-manager-ethology-kastra-biotechnology npm...

EUVD-2025-176151

Malicious code in subscription-nightmare-nightmare-webdriver-manager npm...

EUVD-2025-177849

Malicious code in meteor-spectron-webdriver-ignite-spawn npm...

EUVD-2025-177371

Malicious code in paleoclimatology-izar-coronalmassejection-webdriver-mocha npm...

EUVD-2025-178337

Malicious code in iota-sedna-public-webdriver-mocha npm...