Main Vulnerability Database Vulnerabilities #VU124720

#VU124720 Embedded malicious code (backdoor) in axios

Published: March 31, 2026

Vulnerability identifier: #VU124720

Vulnerability risk: Critical

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:A/U:Red

CVE-ID: N/A

CWE-ID: CWE-506

Exploitation vector: Remote access

Exploit availability: The vulnerability is being exploited in the wild

Vulnerable software:
axios

Software vendor:
axios

Description

The vulnerability allows a remote attacker to gain unauthorized access to the application.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor) that allows a remote attacker to gain unauthorized access to the application. Attacker compromised axios repository and introduced a new dependency plain-crypto-js.

Remediation

The vendor recommend using older versions of the software: 1.14.0 and 0.30.3.

External links

https://www.endorlabs.com/learn/npm-axios-compromise
https://www.aikido.dev/blog/axios-npm-compromised-maintainer-hijacked-rat
https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan

#VU124720 Embedded malicious code (backdoor) in axios

Description

Remediation

External links

Please verify you're human