Lucene search
K

1351 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.9 views

CVE-2026-42234

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with permission to create or modify workflows containing a Python Code Node could escape the sandbox and achieve arbitrary code execution on the task runner container. This...

8.8CVSS6.1AI score0.00377EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.10 views

CVE-2026-42088

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to version 7.0.0-rc3, the Script Runner widget allows users to execute Python and Ruby scripts directly from the openc3-COSMOS-script-runner-api container. Because all the...

9.6CVSS5.6AI score0.00341EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:11 p.m.6 views

CVE-2026-44334

PraisonAI is a multi-agent teams system. From version 4.5.139 to before version 4.6.32, CVE-2026-40287's fix gated tools.py auto-import behind PRAISONAIALLOWLOCALTOOLS=true in two files toolresolver.py, api/call.py. A third import sink in praisonai/templates/tooloverride.py was missed and remains...

8.4CVSS5.6AI score0.00246EPSS
Exploits2References1
OSV
OSV
added 2026/06/05 4:25 p.m.6 views

GHSA-8V3Q-9VMX-36VC DbGate: Unauthenticated Remote Code Execution via JSON Script Runner

Summary DbGate's JSON script runner POST /runners/start allows remote code execution via code injection in the functionName parameter of JSON script assign commands. The functionName value is interpolated directly into dynamically generated JavaScript source code via string concatenation. The...

10CVSS6.4AI score0.00336EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.7 views

PT-2026-49158

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=519671967 Crash type: Stack-buffer-overflow READ 1 Crash state: log4cxx::helpers::Transcoder::decode TranscoderFuzzer.cpp CentipedeRunnerMain...

5.2AI score
Exploits0References2
OSV
OSV
added 2026/06/03 9:39 p.m.12 views

GHSA-6VR3-7WCX-V5G5 browserstack-runner vulnerable to Remote Code Execution via vm sandbox escape in _log HTTP handler

Summary The HTTP handler /log in lib/server.js lines 491–515 of browserstack-runner passes unauthenticated user-supplied data to vm.runInNewContext combined with eval, enabling a sandbox escape and arbitrary code execution on the host system. Details When browserstack-runner starts, it creates an...

8.8CVSS6.5AI score0.00392EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2026/06/03 9:39 p.m.5 views

browserstack-tape-runner (>=1.0.0 <=3.0.0), duplo (>=1.6.11 <=1.9.1) +4 more potentially affected by CVE-2026-49143 via browserstack-runner (>=0.2.1 <=0.9.4)

browserstack-runner NPM version =0.2.1, =1.0.0, =1.6.11, =0.1.4, =0.1.1, =2.0.2 - run-browserstack-tests =1.0.2 - yasmf-localization =0.0.2 Source cves: CVE-2026-49143 Source advisory: OSV:GHSA-6VR3-7WCX-V5G5...

8.8CVSS5.4AI score0.00392EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2026/06/03 9:39 p.m.13 views

browserstack-runner vulnerable to Remote Code Execution via vm sandbox escape in _log HTTP handler

Summary The HTTP handler /log in lib/server.js lines 491–515 of browserstack-runner passes unauthenticated user-supplied data to vm.runInNewContext combined with eval, enabling a sandbox escape and arbitrary code execution on the host system. Details When browserstack-runner starts, it creates an...

8.8CVSS6.5AI score0.00392EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/06/03 9:38 p.m.14 views

EUVD-2026-34031

browserstack-runner has an unauthenticated arbitrary file read via path traversal in HTTP server...

7.1CVSS5.9AI score0.00208EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2026/06/03 9:38 p.m.6 views

browserstack-tape-runner (>=1.0.0 <=3.0.0), duplo (>=1.6.11 <=1.9.1) +4 more potentially affected by CVE-2026-49144 via browserstack-runner (>=0.2.1 <=0.9.4)

browserstack-runner NPM version =0.2.1, =1.0.0, =1.6.11, =0.1.4, =0.1.1, =2.0.2 - run-browserstack-tests =1.0.2 - yasmf-localization =0.0.2 Source cves: CVE-2026-49144 Source advisory: OSV:GHSA-8RPW-6CQH-2V9H...

7.1CVSS5.4AI score0.00208EPSS
Exploits0
OSV
OSV
added 2026/06/03 9:38 p.m.9 views

GHSA-8RPW-6CQH-2V9H browserstack-runner has an unauthenticated arbitrary file read via path traversal in HTTP server

Summary The HTTP server in browserstack-runner serves files from the project directory via the default handler. This handler uses path.joinprocess.cwd, uri to resolve file paths but does not validate that the resulting path stays within the project root. Combined with the server binding on 0.0.0....

7.1CVSS6AI score0.00208EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.16 views

PT-2026-46088

Summary The HTTP server in browserstack-runner serves files from the project directory via the default handler. This handler uses path.joinprocess.cwd, uri to resolve file paths but does not validate that the resulting path stays within the project root. Combined with the server binding on 0.0.0....

7.1CVSS6AI score0.00208EPSS
Exploits0References5
NVD
NVD
added 2026/06/02 9:16 p.m.11 views

CVE-2026-49143

BrowserStack Runner through 0.9.5 contains a remote code execution vulnerability in the /log HTTP handler that allows unauthenticated network-adjacent attackers to execute arbitrary code by submitting crafted JSON request bodies to the handler, which passes user-supplied data to vm.runInNewContex...

8.8CVSS0.00392EPSS
Exploits0References2
NVD
NVD
added 2026/06/02 9:16 p.m.17 views

CVE-2026-49144

BrowserStack Runner through 0.9.5 contains a path traversal vulnerability in the default HTTP handler in lib/server.js that allows unauthenticated network-adjacent attackers to read arbitrary files. Attackers can exploit the unauthenticated HTTP server bound on all interfaces to traverse outside...

7.1CVSS0.00208EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/02 8:34 p.m.11 views

CVE-2026-49144 BrowserStack Runner 0.9.5 Path Traversal via _default HTTP Handler

BrowserStack Runner through 0.9.5 contains a path traversal vulnerability in the default HTTP handler in lib/server.js that allows unauthenticated network-adjacent attackers to read arbitrary files. Attackers can exploit the unauthenticated HTTP server bound on all interfaces to traverse outside...

7.1CVSS5.9AI score0.00208EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/02 8:34 p.m.41 views

CVE-2026-49144 BrowserStack Runner 0.9.5 Path Traversal via _default HTTP Handler

BrowserStack Runner through 0.9.5 contains a path traversal vulnerability in the default HTTP handler in lib/server.js that allows unauthenticated network-adjacent attackers to read arbitrary files. Attackers can exploit the unauthenticated HTTP server bound on all interfaces to traverse outside...

7.1CVSS0.00208EPSS
Exploits0References2
CVE
CVE
added 2026/06/02 8:34 p.m.23 views

CVE-2026-49144

CVE-2026-49144 : BrowserStack Runner 0.9.5 contains a path traversal vulnerability in the _default HTTP handler (lib/server.js) that allows unauthenticated attackers on the network-adjacent interface to read arbitrary files outside the project root. The description notes an unauthenticated HTTP s...

7.1CVSS5.9AI score0.00208EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/02 8:34 p.m.13 views

CVE-2026-49144

BrowserStack Runner through 0.9.5 contains a path traversal vulnerability in the default HTTP handler in lib/server.js that allows unauthenticated network-adjacent attackers to read arbitrary files. Attackers can exploit the unauthenticated HTTP server bound on all interfaces to traverse outside...

7.1CVSS5.9AI score0.00208EPSS
Exploits0References3
CVE
CVE
added 2026/06/02 8:31 p.m.45 views

CVE-2026-49143

CVE-2026-49143 affects BrowserStack Runner up to version 0.9.5. The vulnerability is in the /_log HTTP handler, permitting unauthenticated, network-adjacent attackers to achieve remote code execution by sending crafted JSON bodies that are passed to vm.runInNewContext() with eval(); attackers can...

8.8CVSS6.7AI score0.00392EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/02 8:31 p.m.38 views

CVE-2026-49143 BrowserStack Runner 0.9.5 Unauthenticated RCE via /_log HTTP Handler

BrowserStack Runner through 0.9.5 contains a remote code execution vulnerability in the /log HTTP handler that allows unauthenticated network-adjacent attackers to execute arbitrary code by submitting crafted JSON request bodies to the handler, which passes user-supplied data to vm.runInNewContex...

8.8CVSS0.00392EPSS
Exploits0References2
Rows per page
Query Builder