Skip to content

CVE lookup

CVE-2026-25244

Pruva has a verified reproduction for CVE-2026-25244: @wdio/browserstack-service: OS command injection via crafted git branch name. The canonical evidence record is REPRO-2026-00143.

REPRO

REPRO-2026-00143

Package

@wdio/browserstack-service · npm

Severity

CRITICAL

Status

published