Astra Linux - уязвимость в firefox

Remote Agent, used in WebDriver, did not validate the Host or Origin headers. This could have allowed websites to connect back locally to the user's browser to control it. This bug only affected Firefox when WebDriver was enabled, which is not the default configuration.. This vulnerability affect...

Selenium Grid/Selenoid Unauthenticated RCE

Selenium Grid and Selenoid expose a WebDriver API that allows creating browser sessions with arbitrary capabilities. When deployed without authentication the default for both, an attacker can achieve remote code execution through two browser-specific techniques: For Chrome, the goog:chromeOptions...

@activepieces/piece-google-gemini (=0.1.6), @activepieces/piece-google-vertexai (=0.1.2) +9 more potentially affected by CVE-2026-33750 via brace-expansion (>=2.0.0 <=2.0.2)

brace-expansion NPM version =2.0.0, =0.2.1, =1.16.0, =1.0.1, =0.0.20, =15.0.0 - fluid-webdriver =1.1.2 - nx-cargo =1.0.0-alpha.2 Source cves: CVE-2026-33750 Source advisory: SNYK:JS-BRACEEXPANSION-15789759...

@activepieces/piece-google-gemini (=0.1.6), @activepieces/piece-google-vertexai (=0.1.2) +9 more potentially affected by CVE-2026-33750 via brace-expansion (>=2.0.0 <=2.0.2)

brace-expansion NPM version =2.0.0, =0.2.1, =1.16.0, =1.0.1, =0.0.20, =15.0.0 - fluid-webdriver =1.1.2 - nx-cargo =1.0.0-alpha.2 Source cves: CVE-2026-33750 Source advisory: OSV:GHSA-F886-M6HF-6M8V...

Astra Linux - уязвимость в zabbix

The webdriver for the Browser object expects an error object to be initialized when the webdriversessionquery function fails. But this function can fail for various reasons without an error description and then the wd-error will be NULL and trying to read from it will result in a crash...

EUVD-2025-178802

Malicious code in gacrux-betelgeuse-package-webdriver-manager npm...

EUVD-2025-175612

Malicious code in webdriver-manager-parcel-innercore-redgiant npm...

EUVD-2025-177326

Malicious code in parcel-farout-webdriver-manager-sails npm...

EUVD-2025-175616

Malicious code in webdriver-manager-deneb-nconf-outercore npm...

Malicious code in webdriver-manager-stratosphere-stratigraphy-stop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0934643185b5cbcc16307cc870692bbaf0a0c6ef0085d73916acdc478aa082fa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in meteor-spectron-webdriver-ignite-spawn (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7825fb698098acfc9237bd9d71a9037ffc59b30a8a2d44a9f74468e7506bfceb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sails-soap-link-webdriver-mocha (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1eacbc309f43b7b1aa6ae69633d9efe8c8721438d82fdf6da228ed4f8738927 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-177260

Malicious code in perseus-cosmogenic-spectron-webdriver-meissa npm...

EUVD-2025-177849

Malicious code in meteor-spectron-webdriver-ignite-spawn npm...

EUVD-2025-175603

Malicious code in webdriver-mocha-isostasy-arcturus-eslint-config npm...

EUVD-2025-175601

Malicious code in webdriver-mocha-scripts-hadron-augmentedreality npm...

EUVD-2025-175617

Malicious code in webdriver-manager-cosmos-mongoose-got npm...

EUVD-2025-178269

Malicious code in jovian-postgres-webdriver-mocha-await npm...

EUVD-2025-176509

Malicious code in saturnology-webdriver-mocha-registry-blitz npm...

EUVD-2025-175624

Malicious code in wavefunction-prompts-webdriver-mocha-vuetify npm...