VYPR
Moderate severityNVD Advisory· Published Jan 28, 2026· Updated Jan 29, 2026

CVE-2025-57283

CVE-2025-57283

Description

The Node.js package browserstack-local 1.5.8 contains a command injection vulnerability. This occurs because the logfile variable is not properly sanitized in lib/Local.js.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
browserstack-localnpm
< 1.5.91.5.9

Affected products

1

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.