Axios vulnerability PoC exposed
A critical Axios vulnerability (CVE‑2026‑40175) that enables remote code execution through prototype pollution, SSRF and request‑smuggling has an available proof‑of‑concept and risks exposing AWS credentials. The public PoC follows other npm incidents and raises urgent patch and credential‑audit requirements for affected projects. (x.com)
Axios users are racing to patch after a public proof of concept showed how the library can turn a bug elsewhere in a JavaScript app into remote code execution or cloud credential theft. (github.com) Axios is a library developers use to make web requests from browsers and servers. GitHub and the National Vulnerability Database say CVE-2026-40175 affects Axios versions before 1.15.0 and 0.31.0, with a critical score of 9.9 from GitHub and 10.0 in the Common Vulnerability Scoring System entry carried by the National Vulnerability Database. (github.com) (nvd.nist.gov)

The bug is not a simple “send bad input to Axios” flaw. The advisory says an attacker first needs prototype pollution, a way of sneaking values into JavaScript’s shared object template through another dependency, and Axios then copies those values into request headers without stripping carriage return and line feed characters. (github.com) (security.snyk.io) That matters because HTTP headers are the labels attached to a web request, and carriage return and line feed characters can split one request into several. GitHub’s advisory says that lets polluted header values become a request-smuggling chain that can inject headers, reach internal services, and in some cases bypass Amazon Web Services Instance Metadata Service version 2 protections. (github.com)

The published proof of concept shows the attack with a hardcoded `axios.get` call that looks safe in application code. In the example, a polluted `x-amz-target` header is turned into a forged `PUT /latest/api/token` request to `169.254.169.254`, the link-local address used by Amazon Web Services metadata services. (github.com 1) (github.com 2)

GitHub published the Axios advisory on April 10, 2026. The National Vulnerability Database record says fixes are available in Axios 1.15.0 and 0.31.0, and the npm package index shows 1.15.0 was published days later as the latest release. (github.com) (nvd.nist.gov) (npmjs.com)

Axios maintainers bundled this fix with another critical Axios issue, CVE-2025-62718, in the 1.15.0 release. The release notes say version 1.15.0 shipped with two critical security patches, which means many teams updating now are closing more than one server-side request forgery path at once. (github.com) (nvd.nist.gov)

The exposure is widest in Node.js services, where Axios opens outbound network connections from backend code. GitHub’s advisory says the chain can start with “zero direct user input” to Axios itself, because the polluted values can come from packages such as query parsers elsewhere in the dependency tree. (github.com 1) (github.com 2)

For defenders, the immediate steps are concrete: upgrade Axios to 1.15.0 or 0.31.0, inspect lockfiles for older transitive copies, and rotate or audit Amazon Web Services credentials if vulnerable servers could have reached metadata endpoints. The lesson of the proof of concept is that a routine web request can become the last link in a much larger supply-chain attack. (nvd.nist.gov) (npmjs.com)
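As an added illustration of the header-copy defect class the advisory describes (this is not Axios's code and not the published PoC), here is a naive header copy that inherits prototype-polluted keys and passes CR/LF through, beside a hardened copy that keeps only own properties and rejects CR/LF. The function names and the sample headers object are constructed for the example.

```javascript
// Naive copy: for...in walks the prototype chain, so a key injected by
// prototype pollution elsewhere in the app is copied as if it were a real
// header, and its value is never checked for CR or LF.
function naiveCopyHeaders(src) {
  const out = {};
  for (const name in src) {
    out[name] = String(src[name]);
  }
  return out;
}

// Hardened copy: only own enumerable properties are copied, header names must
// be RFC 7230 tokens, and a value containing CR or LF is rejected outright
// instead of being written into the request.
const HEADER_TOKEN = /^[!#$%&'*+.^_`|~0-9A-Za-z-]+$/;

function safeCopyHeaders(src) {
  const out = Object.create(null);
  for (const name of Object.keys(src)) {
    if (!HEADER_TOKEN.test(name)) {
      throw new TypeError(`invalid header name ${JSON.stringify(name)}`);
    }
    const value = String(src[name]);
    if (/[\r\n]/.test(value)) {
      throw new TypeError(`CR/LF rejected in header ${name}`);
    }
    out[name] = value;
  }
  return out;
}

// Constructed input: a headers object whose prototype carries an injected key,
// which is the state a prototype-pollution bug would leave behind. Using
// Object.create keeps the global Object.prototype untouched.
function buildPollutedHeaders() {
  const taintedProto = { 'x-polluted': 'v\r\nX-Smuggled: 1' };
  const headers = Object.create(taintedProto);
  headers.accept = 'application/json';
  return headers;
}

// Returns true when the hardened copy refuses a value carrying CR or LF.
function rejectsCrlf(name, value) {
  try {
    safeCopyHeaders({ [name]: value });
    return false;
  } catch (e) {
    return e instanceof TypeError;
  }
}
```

Running `naiveCopyHeaders(buildPollutedHeaders())` shows the inherited `x-polluted` key with its embedded CRLF in the output, while `safeCopyHeaders` on the same object yields only `accept`.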