CVE-2025-57283 | THREATINT

Description

The Node.js package browserstack-local 1.5.8 contains a command injection vulnerability. This occurs because the logfile variable is not properly sanitized in lib/Local.js.

PUBLISHED Reserved 2025-08-17 | Published 2026-01-28 | Updated 2026-01-29 | Assigner mitre

References

www.npmjs.com

gist.github.com/Dremig/b639c61541dd1482007dc7a5cd7fefb1

cve.org (CVE-2025-57283)

nvd.nist.gov (CVE-2025-57283)

Download JSON