742 matches found
Astra Linux – Vulnerability in Firefox
The Remote Agent, used in WebDriver, did not validate the Host or Origin headers. This could have allowed websites to connect back locally to the user’s browser to control it. This bug only affected Firefox when WebDriver was enabled, which is not the default configuration.. This vulnerability...
Selenium Grid/Selenoid Unauthenticated RCE
Selenium Grid and Selenoid expose a WebDriver API that allows creating browser sessions with arbitrary capabilities. When deployed without authentication the default for both, an attacker can achieve remote code execution through two browser-specific techniques: For Chrome, the goog:chromeOptions...
@activepieces/piece-google-gemini (=0.1.6), @activepieces/piece-google-vertexai (=0.1.2) +9 more potentially affected by CVE-2026-33750 via brace-expansion (>=2.0.0 <=2.0.2)
brace-expansion NPM version =2.0.0, =0.2.1, =1.16.0, =1.0.1, =0.0.20, =15.0.0 - fluid-webdriver =1.1.2 - nx-cargo =1.0.0-alpha.2 Source cves: CVE-2026-33750 Source advisory: SNYK:JS-BRACEEXPANSION-15789759...
@activepieces/piece-google-gemini (=0.1.6), @activepieces/piece-google-vertexai (=0.1.2) +9 more potentially affected by CVE-2026-33750 via brace-expansion (>=2.0.0 <=2.0.2)
brace-expansion NPM version =2.0.0, =0.2.1, =1.16.0, =1.0.1, =0.0.20, =15.0.0 - fluid-webdriver =1.1.2 - nx-cargo =1.0.0-alpha.2 Source cves: CVE-2026-33750 Source advisory: OSV:GHSA-F886-M6HF-6M8V...
Astra Linux - уязвимость в zabbix
The webdriver for the Browser object expects an error object to be initialized when the webdriversessionquery function fails. But this function can fail for various reasons without an error description and then the wd-error will be NULL and trying to read from it will result in a crash...
EUVD-2025-175603
Malicious code in webdriver-mocha-isostasy-arcturus-eslint-config npm...
EUVD-2025-180495
Malicious code in aether-procyon-charon-spectron-webdriver npm...
EUVD-2025-179271
Malicious code in dorado-spectron-webdriver-spectron-cache npm...
EUVD-2025-179439
Malicious code in cygnus-umbra-webdriver-mocha-docusaurus npm...
EUVD-2025-176023
Malicious code in telesto-dotenv-safe-webdriver-mocha-jwt npm...
EUVD-2025-175601
Malicious code in webdriver-mocha-scripts-hadron-augmentedreality npm...
Malicious code in cygnus-umbra-webdriver-mocha-docusaurus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 314812afef770b2c68933860419ecd93f198f59bd1b7fbef389f9ff3aeb0ab01 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-185952 Malicious code in bunyan-spectron-webdriver-less-magellan (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea996c13b6b5a184710be958777615f73170e5e8f3a5e8fb00260064a7d769c0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-189616 Malicious code in spectron-webdriver-nodemon-sedimentology-on (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60e790ec19781e6bae0e122b31564bb4f314ef39cee5af5b11865dd3d38e722a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-189222 Malicious code in restart-warp-webdriver-mocha-sync (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95bf93b3651fd9e5262e28a4c025dfe14338cabf906f3143dad4f1a1cf765f46 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-180039
Malicious code in blackhole-jupiter-spectron-webdriver-meteor npm...
EUVD-2025-176653
Malicious code in restart-warp-webdriver-mocha-sync npm...
EUVD-2025-178269
Malicious code in jovian-postgres-webdriver-mocha-await npm...
EUVD-2025-177025
Malicious code in procyon-spectron-webdriver-nestjs-gridsome npm...
EUVD-2025-176105
Malicious code in supernova-webdriver-mocha-centauri-vega npm...