CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-57283

The Node.js package browserstack-local 1.5.8 contains a command injection vulnerability. This occurs because the logfile variable is not properly sanitized in lib/Local.js.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 21.9%

CVSS Severity

CVSS v3 Score 7.8

References

https://gist.github.com/Dremig/b639c61541dd1482007dc7a5cd7fefb1
https://www.npmjs.com

Products affected by CVE-2025-57283

Browserstack » Browserstack-Local » Version: 1.5.8

cpe:2.3:a:browserstack:browserstack-local:1.5.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-57283

Products

Pricing

Contact Us