8 matches found

NVD
added yesterday, 5 views

CVE-2026-48546

KanaDojo before 0.1.18 contains a sandbox escape vulnerability that allows an attacker to execute arbitrary code by exploiting the explicit passing of the global require function into a Node.js vm.runInNewContext sandbox context in the issue-auto-respond.yml workflow. Attackers can submit a pull...

CVSS 8.5
Exploits: 0 | References: 3

Github Security Blog
added 2026/06/03 9:39 p.m., 6 views

browserstack-runner vulnerable to Remote Code Execution via vm sandbox escape in _log HTTP handler

Summary: The HTTP handler /_log in lib/server.js lines 491–515 of browserstack-runner passes unauthenticated user-supplied data to vm.runInNewContext combined with eval, enabling a sandbox escape and arbitrary code execution on the host system. Details: When browserstack-runner starts, it creates an...

CVSS 8.8 | AI score 6.5 | EPSS 0.0018
Exploits: 0 | References: 4 | Affected Software: 1

CVE
added 2026/06/02 8:31 p.m., 30 views

CVE-2026-49143

CVE-2026-49143 affects BrowserStack Runner up to version 0.9.5. The vulnerability is in the /_log HTTP handler, permitting unauthenticated, network-adjacent attackers to achieve remote code execution by sending crafted JSON bodies that are passed to vm.runInNewContext() with eval(); attackers can...

CVSS 8.8 | AI score 6.7 | EPSS 0.0018
Exploits: 0 | References: 2

Cvelist
added 2026/06/02 8:31 p.m., 29 views

CVE-2026-49143 BrowserStack Runner 0.9.5 Unauthenticated RCE via /_log HTTP Handler

BrowserStack Runner through 0.9.5 contains a remote code execution vulnerability in the /_log HTTP handler that allows unauthenticated network-adjacent attackers to execute arbitrary code by submitting crafted JSON request bodies to the handler, which passes user-supplied data to vm.runInNewContex...

CVSS 8.8 | EPSS 0.0018
Exploits: 0 | References: 2

Github Security Blog
added 2026/03/29 3:30 p.m., 4 views

Duplicate Advisory: OpenClaw: Unrecognized script runners could bypass `system.run` approval integrity

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-qc36-x95h-7j53. This link is maintained to preserve external references. Original Description: OpenClaw before 2026.3.11 contains an approval integrity vulnerability where system.run approvals fail to bind mutabl...

CVSS 9.4 | AI score 5.9 | EPSS 0.00054
Exploits: 0 | References: 4 | Affected Software: 1

SUSE CVE
added 2024/07/16 2:35 a.m., 2 views

SUSE CVE-2024-40908

In the Linux kernel, the following vulnerability has been resolved: bpf: Set run context for rawtp test_run callback. syzbot reported crash when rawtp program executed through the test_run interface calls bpf_get_attach_cookie helper or any other helper that touches task->bpf_ctx pointer. Setting the run...

CVSS 5.5 | AI score 6.9 | EPSS 0.00016
Exploits: 0 | References: 13

OSV
added 2024/07/12 1:15 p.m., 1 views

DEBIAN-CVE-2024-40908

In the Linux kernel, the following vulnerability has been resolved: bpf: Set run context for rawtp test_run callback. syzbot reported crash when rawtp program executed through the test_run interface calls bpf_get_attach_cookie helper or any other helper that touches task->bpf_ctx pointer. Setting the run...

CVSS 5.5 | AI score 5.5 | EPSS 0.00016
Exploits: 0 | References: 1

Vulnrichment
added 2024/07/12 12:20 p.m., 10 views

CVE-2024-40908 bpf: Set run context for rawtp test_run callback

In the Linux kernel, the following vulnerability has been resolved: bpf: Set run context for rawtp test_run callback. syzbot reported crash when rawtp program executed through the test_run interface calls bpf_get_attach_cookie helper or any other helper that touches task->bpf_ctx pointer. Setting the run...

AI score 6.9 | EPSS 0.00016
Exploits: 0 | References: 5