1350 matches found
CVE-2026-49143
CVE-2026-49143 affects BrowserStack Runner up to version 0.9.5. The vulnerability is in the /_log HTTP handler, permitting unauthenticated, network-adjacent attackers to achieve remote code execution by sending crafted JSON bodies that are passed to vm.runInNewContext() with eval(); attackers can...
PT-2026-45857
Name of the Vulnerable Software and Affected Versions BrowserStack Runner versions prior to 0.9.6 Description An issue in the / log HTTP handler allows unauthenticated network-adjacent attackers to execute arbitrary code on the host system. The handler processes JSON request bodies by passing...
BrowserStack Runner θ·―εΎιεζΌζ΄
BrowserStack Runner is an open-source browser testing command-line tool developed by BrowserStack. Versions of BrowserStack Runner prior to 0.9.5 contained a path traversal vulnerability. This vulnerability originated from the default HTTP handler in lib/server.js, which allowed for path traversa...
BrowserStack Runner 代η 注ε ₯ζΌζ΄
BrowserStack Runner is an open-source browser testing command-line tool developed by BrowserStack. Versions of BrowserStack Runner prior to 0.9.5 contained a code injection vulnerability. This vulnerability stems from the log HTTP handler, where data provided by users is passed to...
mahoraga (>=0.5.1 <=0.6.0), pixi-browse (>=0.0.1 <=0.0.13) +2 more potentially affected by CVE-2026-47425 via py-rattler (>=0.22.0 <=0.23.2)
py-rattler PYPI version =0.22.0, =0.5.1, =0.0.1, =0.1.0, =0.8.0 Source cves: CVE-2026-47425 Source advisory: OSV:GHSA-Q53Q-5R4J-5729...
cyanide
Cyanide By @zeroxjf β an iOS...
CVE-2026-8716 vulnerabilities
Vulnerabilities for packages: gitlab-runner...
CVE-2026-1402 vulnerabilities
Vulnerabilities for packages: gitlab-runner...
CVE-2026-6713 vulnerabilities
Vulnerabilities for packages: gitlab-runner...
GHSA-WGQ9-QP63-G8J3 vulnerabilities
Vulnerabilities for packages: gitlab-runner...
GHSA-R38R-HVG8-XQHF vulnerabilities
Vulnerabilities for packages: gitlab-runner...
GHSA-5P55-QCQV-882W vulnerabilities
Vulnerabilities for packages: gitlab-runner...
GHSA-WGQ9-QP63-G8J3 vulnerabilities
Vulnerabilities for packages: gitlab-runner-fips, gitlab-cng, gitlab-rails-ce, gitlab-cng-fips, gitlab-rails-ce-fips, gitlab-runner...
GHSA-R38R-HVG8-XQHF vulnerabilities
Vulnerabilities for packages: gitlab-runner-fips, gitlab-cng, gitlab-rails-ce, gitlab-cng-fips, gitlab-rails-ce-fips, gitlab-runner...
GHSA-5P55-QCQV-882W vulnerabilities
Vulnerabilities for packages: gitlab-runner-fips, gitlab-cng, gitlab-rails-ce, gitlab-cng-fips, gitlab-rails-ce-fips, gitlab-runner...
CVE-2026-8716 vulnerabilities
Vulnerabilities for packages: gitlab-runner-fips, gitlab-cng, gitlab-rails-ce, gitlab-cng-fips, gitlab-rails-ce-fips, gitlab-runner...
CVE-2026-6713 vulnerabilities
Vulnerabilities for packages: gitlab-runner-fips, gitlab-cng, gitlab-rails-ce, gitlab-cng-fips, gitlab-rails-ce-fips, gitlab-runner...
CVE-2026-1402 vulnerabilities
Vulnerabilities for packages: gitlab-runner-fips, gitlab-cng, gitlab-rails-ce, gitlab-cng-fips, gitlab-rails-ce-fips, gitlab-runner...
@aiconnect/codelets-runner (>=0.1.0 <=0.2.0), @cairncms/api (>=1.0.0-beta.1 <=1.0.0-beta.4) +23 more potentially affected by CVE-2026-47209 via vm2 (>=3.0.0 <=3.11.3)
vm2 NPM version =3.0.0, =0.1.0, =1.0.0-beta.1, =3.0.46, =0.1.0, =1.0.0, =1.1.15, =1.27.8, =1.0.0-beta.1, =1.1.0, =0.2.0, =0.1.64, =0.1.61, =0.1.65 and more Source cves: CVE-2026-47209 Source advisory: SNYK:JS-VM2-17111325...
CVE-2026-5817
The vllm-metal inference backend in Docker Model Runner on macOS unconditionally sets trustremotecode=True when loading model tokenizers, and runs without sandboxing. This causes transformers.AutoTokenizer.frompretrained to import and execute arbitrary Python files included in any model pulled fr...