Package impact
npm / browserstack-runner
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-49143 | high | 8.8 | 8.8 | 2d ago | browserstack-runner vulnerable to Remote Code Execution via vm sandbox escape in _log HTTP handler | |||
| CVE-2026-49144 | medium | 6.5 | 6.5 | 2d ago | browserstack-runner has an unauthenticated arbitrary file read via path traversal in HTTP server |