CVE-2025-57283

[twesterhuys]

A Code Injection CVE currently exists against latest browserstack-local, now showing up in scanners such as Dependabot.

See:

• https://nvd.nist.gov/vuln/detail/CVE-2025-57283
• GHSA-g4w6-c99w-4wh7

[browserstack-support]

Hello Browserstack, Thank you for reaching out to BrowserStack Support. We acknowledge your issue - 1564702. We are reviewing the details provided on the ticket and will reach out to you if more data is needed for troubleshooting. Please let us know if you have any more questions, we will be happy to help. Regards, Gaurav Singh, Senior Support Engineer - Automation (Mon - Fri : 12:00 - 21:00 IST)   Help Desk | Join our Community Get free Testing Toolkit extension for all your manual testing needs Get started for free On Fri, 30 Jan at 4:16 PM , browserstack/browserstack-local-nodejs ***@***.***> wrote: twesterhuys created an issue (browserstack/browserstack-local-nodejs#168) An open CVE currently exists against browserstack-local. See: https://email.browserstack.com/c/eJwczk2OpCAUAODT4A6DD_lbuJiZjEfobQfkKXQhVAmY1O07qQN8yecX4YRXAy6TkkYpzmcYwiLELI3drHeKoZiZNWLbNzcLrsA65Ya4SKM2YyaPku38GxgDv6GwUutJc2b1WKPHR3zR_cJXx9zo7umz-F7R1jbR08YsqEsdqTRabtoZ5ah5NdBkZnjamMb9who81se4lXNIS2jtWQn_Q2AlsObbjznWNh7lJrDePWUCq8dmYyKw_vv6T4GBoEKB5sO1XPhMbwJ_7emOLLIsPBzpnct8hQbd_8iz5h1vl0MoWZbw6GRmHzQesYXuPot7gd8AAAD__6hPYnQ — Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>