Critical Axios RCE vulnerability
A public proof‑of‑concept surfaced for a critical Axios vulnerability (CVE‑2026‑40175) that can enable remote code execution via request pollution, SSRF or HTTP smuggling (x.com). The post urged immediate patching because cloud compromise can follow from unpatched Axios in server stacks (x.com).
Axios users are racing to patch after a public exploit appeared for CVE-2026-40175, a flaw fixed in version 1.15.0. (github.com) Axios is the JavaScript library many apps use to send web requests. GitHub’s advisory says every Axios version before 1.15.0 can turn prototype pollution elsewhere in a software stack into remote code execution or cloud credential theft. (github.com)

Prototype pollution means an attacker plants hidden properties on JavaScript’s shared object blueprint, like changing a form template so every new form inherits a forged field. GitHub says Axios can merge those polluted properties into request headers inside `lib/adapters/http.js`. (github.com) Headers are the labels attached to a web request, and carriage return plus line feed characters can break those labels into extra requests. The National Vulnerability Database links this bug to improper neutralization of those characters and to request smuggling, where one request is split into two different interpretations. (nist.gov)

GitHub’s proof of concept shows a polluted `x-amz-target` header being used to smuggle a `PUT` request to Amazon Web Services Instance Metadata Service version 2 at `169.254.169.254`, which can return temporary cloud credentials. GitHub rates the issue critical, and the National Vulnerability Database shows a Common Vulnerability Scoring System score of 10.0 from GitHub’s CNA record. (github.com) (nist.gov)

The patch is already out. GitHub and the National Vulnerability Database both list Axios 1.15.0 as the fixed release, with references to the fix commit and the 1.15.0 release page. (github.com) (nvd.nist.gov) (github.com)

There is also a dispute over how reachable the exploit is in real deployments. Axios maintainer Jason Saayman told Cybernews the chain “would be quite hard” to exploit because it first requires another package to pollute the prototype, and Aikido said standard Node.js blocks the malformed header characters the proof of concept depends on. (cybernews.com) (aikido.dev) Even with that caveat, the advisory did not get withdrawn, and the fix was shipped. NIST still lists the vulnerability as affecting Axios before 1.15.0, while GitHub’s advisory remains marked critical and updated within the past two days. (nvd.nist.gov) (github.com)

The timing adds to the pressure on Axios users. On March 31, 2026, Saayman disclosed that malicious Axios versions 1.14.1 and 0.30.4 had been published during an npm account compromise, and Axios 1.15.0 now also carries security fixes for this newly disclosed flaw. (github.com 1) (github.com 2) For teams that still have Axios below 1.15.0 in production, the immediate step is simple even if the exploit path is debated: upgrade the library before a proof of concept turns into broader scanning. (github.com 1) (github.com 2)
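To make the merge behaviour described above concrete, here is an added example (not Axios’s own code) that plants a constructed property on `Object.prototype`, shows how a `for...in` header merge picks it up as if it were a real header, and contrasts that with an own-keys merge that also rejects carriage return or line feed in header names and values. The header name and values are placeholders constructed for the demonstration.

```javascript
// Added example, not code from Axios. Demonstrates why a header merge that
// walks inherited keys is exposed to prototype pollution, and what a
// hardened merge checks for.

const CRLF = /[\r\n]/;

// Naive merge: for...in visits enumerable keys inherited from the prototype,
// so a polluted property becomes an "own" header on the result.
function mergeHeadersNaive(defaults, extra) {
  const out = {};
  for (const k in defaults) out[k.toLowerCase()] = String(defaults[k]);
  for (const k in extra) out[k.toLowerCase()] = String(extra[k]);
  return out;
}

// Hardened merge: only own keys (Object.keys ignores the prototype chain),
// a null-prototype result object, and CR/LF rejected in names and values.
function mergeHeadersSafe(defaults, extra) {
  const out = Object.create(null);
  for (const src of [defaults, extra]) {
    for (const k of Object.keys(src)) {
      const v = String(src[k]);
      if (CRLF.test(k) || CRLF.test(v)) {
        throw new Error(`invalid header: ${JSON.stringify(k)}`);
      }
      out[k.toLowerCase()] = v;
    }
  }
  return out;
}

// Pollute the prototype with a constructed placeholder name, run both merges,
// and always remove the pollution afterwards so nothing else is affected.
function runDemo() {
  const key = 'x-constructed-header'; // placeholder, not a real header name
  Object.prototype[key] = 'constructed-value';
  try {
    const naive = mergeHeadersNaive({ Accept: 'application/json' }, {});
    const safe = mergeHeadersSafe({ Accept: 'application/json' }, {});
    let crlfRejected = false;
    try { mergeHeadersSafe({}, { 'X-Test': 'a\r\nX-Injected: 1' }); }
    catch (e) { crlfRejected = true; }
    return {
      naiveLeaked: Object.hasOwn(naive, key), // true: pollution became a header
      safeLeaked: Object.hasOwn(safe, key),   // false: own keys only
      crlfRejected,                           // true: line breaks refused
    };
  } finally {
    delete Object.prototype[key];
  }
}
```

The CR/LF check mirrors the defence the page attributes to Node.js itself, but applying it at the merge step means the request never reaches the transport layer with a split header.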