PatchSiren

appium CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM appium CVE published 2026-07-08

CVE-2026-58191

CVE-2026-58191 is a reflected cross-site scripting vulnerability in Appium, a cross-platform automation framework. The issue allows for arbitrary JavaScript execution on the server origin due to improper escaping of user input in certain routes, including /test/guinea-pig, /test/guinea-pig-scrollable, and /test/guinea-pig-app-banner. This vulnerability has a CVSS score of 6.5 and is considered Medium seve [truncated]