Critical Axios vulnerability
A critical vulnerability in the Axios JavaScript library (CVE-2026-40175) allows remote code execution via prototype pollution and has a public proof-of-concept, prompting urgent patching for dependent applications. The flaw also enables SSRF and request-smuggling attack vectors according to public reporting (x.com).
Axios, a JavaScript tool used to make web requests, has a newly disclosed critical flaw that can turn a separate bug elsewhere in an app into remote code execution. (github.com) Axios is one of the most widely used Hypertext Transfer Protocol clients in JavaScript, with more than 174,000 dependent projects listed in the npm registry. GitHub published the advisory for CVE-2026-40175 on April 9, 2026, and the National Vulnerability Database says the fix is in version 1.15.0. (npmjs.com) (github.com) (nvd.nist.gov)

The underlying issue starts with “prototype pollution,” a class of bug where an attacker sneaks values into JavaScript’s shared object template so later code inherits them by accident. GitHub’s advisory says Axios could then merge those polluted values into request headers and send them without filtering carriage return and line feed characters, the control characters that can split one web request into two. (github.com) (nvd.nist.gov)

That matters because many defenses assume a server will only send the request a developer wrote. In the proof-of-concept described in the Axios advisory, a hardcoded request can be rewritten into a second hidden request to the Amazon Web Services instance metadata service at 169.254.169.254, which is where cloud servers can fetch temporary credentials. (github.com)

GitHub rates the bug critical at 9.9, while the Common Vulnerabilities and Exposures record shows a 10.0 score from GitHub’s scoring authority. The National Vulnerability Database links the flaw to weaknesses for Hypertext Transfer Protocol header splitting and request smuggling, two techniques that can let attackers inject or disguise traffic inside trusted network paths. (github.com) (nvd.nist.gov)

Axios itself is not described as the source of the initial prototype-pollution bug. The advisory says the chain begins if any other dependency in the application can poison `Object.prototype`, after which Axios becomes the “gadget,” or the innocent-looking code path that turns that foothold into a more serious compromise. (github.com)

The patch line is unusually broad. GitHub’s advisory says affected versions span Axios 0.x through 1.x and lists 1.15.0 as the patched release, while npm shows 1.15.0 was published three days ago. (github.com) (npmjs.com)

For developers, the immediate check is not just whether they import Axios directly, but whether it arrives through another package in the lockfile. The fix is straightforward on paper (upgrade to 1.15.0 or later), but the disclosure means teams now have to audit transitive dependencies before a public proof of concept gets copied into broader attacks. (github.com 1) (github.com 2)
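The gadget pattern described above, as an added illustration that is not Axios's own code: a header merge written with `for...in` picks up anything an earlier pollution bug left on `Object.prototype`, while a merge that walks only own properties and rejects carriage return and line feed characters does not. The function names, the token regex and the `findPrototypePollution` canary are this example's own assumptions, not API from Axios or the advisory.

```javascript
// Added example (not Axios code): a defensive header merge that ignores
// inherited (possibly polluted) properties and rejects CRLF in header
// names and values, next to the naive merge pattern that leaks them.

// Field-name token characters per RFC 9110 (assumption: this is the
// validation rule a hardened client would apply).
const TOKEN_RE = /^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$/;

// Naive merge: for...in walks inherited enumerable keys, so anything an
// earlier prototype-pollution bug put on Object.prototype ends up in the
// outgoing header set unchanged, CRLF included.
function naiveMergeHeaders(defaults, overrides) {
  const out = {};
  for (const k in defaults) out[k] = defaults[k];
  for (const k in overrides) out[k] = overrides[k];
  return out;
}

// Hardened merge: only own properties are copied, the result has no
// prototype to inherit from, and every name/value is validated so a polluted
// or caller-controlled entry cannot split the request. It throws rather than
// silently dropping entries, so the upstream bug surfaces in logs.
function safeMergeHeaders(defaults, overrides) {
  const out = Object.create(null);
  for (const src of [defaults, overrides]) {
    for (const name of Object.keys(src)) { // own enumerable keys only
      const value = String(src[name]);
      if (!TOKEN_RE.test(name)) {
        throw new Error(`invalid header name: ${JSON.stringify(name)}`);
      }
      if (/[\r\n]/.test(value)) throw new Error(`CRLF in header ${name}`);
      out[name] = value;
    }
  }
  return out;
}

// Runtime canary: a clean runtime has no enumerable keys on
// Object.prototype, so any key reported here was added by pollution.
function findPrototypePollution() {
  return Object.keys(Object.prototype);
}
```

Run `findPrototypePollution()` from a health check or test suite to catch a polluting dependency before a gadget like this one can use it.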