
CVE-2026-48723

CVSS Severity Score: 7.8 (HIGH)
EPSS Score: 0.1850%
EPSS Percentile: 14.13th
Published: Jun 15, 2026
Last Modified: Jun 15, 2026

Vulnerability Description

The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36.4 are vulnerable to OS command injection via the cypress_config_file configuration parameter. In readCypressConfigUtil.js, the loadJsFile() function constructs a shell command by interpolating the user-controlled cypress_config_filepath value into a template literal, then executes it via child_process.execSync(). Shell metacharacters in the config path (specifically " and ;) allow breaking out of the quoted argument and injecting arbitrary commands. This issue has been fixed in version 1.36.6.
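The pattern described above, as an added illustration that is not the browserstack-cypress-cli source: the function names, the loader.js script name and the sample path are hypothetical and constructed for this example. The first half builds the interpolated command line without executing it and shows where a shell would split it; the second half passes the same value as a single argv element with no shell involved.

```javascript
const { execFileSync } = require('child_process');

// Constructed sample value for the config path (uses the " and ; characters
// the advisory names, with a harmless echo as the marker).
const SAMPLE_PATH = 'a.js"; echo INJECTED; echo ".js';

// Vulnerable pattern: the path is interpolated into a quoted shell argument.
// The string is only returned here, never passed to a shell.
function buildShellCommand(configPath) {
  return `node "loader.js" "${configPath}"`;
}

// Simplified model of POSIX shell splitting: double quotes group text and an
// unquoted ';' ends one command and starts the next.
function splitShellCommands(line) {
  const commands = [];
  let current = '';
  let inQuotes = false;
  for (const ch of line) {
    if (ch === '"') inQuotes = !inQuotes;
    if (ch === ';' && !inQuotes) {
      commands.push(current.trim());
      current = '';
    } else {
      current += ch;
    }
  }
  if (current.trim()) commands.push(current.trim());
  return commands;
}

// Hardened pattern: execFileSync takes an argument array and starts no shell,
// so quotes and semicolons in the path are ordinary bytes of one argument.
// The child process just echoes back the arguments it received.
function passAsArgv(configPath) {
  const script = 'process.stdout.write(JSON.stringify(process.argv.slice(1)))';
  const out = execFileSync(process.execPath, ['-e', script, '--', configPath], {
    encoding: 'utf8',
  });
  return JSON.parse(out);
}

console.log(splitShellCommands(buildShellCommand(SAMPLE_PATH)));
console.log(passAsArgv(SAMPLE_PATH));
```
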

Affected Platforms (CPE)

No CPE configurations currently published for this record.
