CVE lookup
CVE-2026-25244
Pruva has a verified reproduction for CVE-2026-25244: @wdio/browserstack-service: OS command injection via crafted git branch name. The canonical evidence record is REPRO-2026-00143.
REPRO
REPRO-2026-00143
Package
@wdio/browserstack-service · npm
Severity
CRITICAL
Status
published