VYPR

npm package

browserstack-local

pkg:npm/browserstack-local

Vulnerabilities (1)

  • CVE-2025-57283Jan 28, 2026
    affected < 1.5.9fixed 1.5.9

    The Node.js package browserstack-local 1.5.8 contains a command injection vulnerability. This occurs because the logfile variable is not properly sanitized in lib/Local.js.