Critical Axios library flaw

A critical vulnerability in the Axios JavaScript library (CVE‑2026‑40175) can enable remote code execution through prototype pollution, SSRF and request smuggling, and a public proof‑of‑concept is circulating. Security researchers warn the bug could expose AWS credentials and other secrets if exploited. (x.com)

Axios, a core JavaScript tool for making web requests, has a newly disclosed flaw that can turn a separate bug elsewhere in an app into code execution or cloud credential theft. (github.com) The bug is tracked as CVE-2026-40175 and affects Axios versions before 1.15.0 and 0.31.0. The National Vulnerability Database says the issue was fixed in Axios 1.15.0 and 0.31.0, and GitHub rates it critical. (nvd.nist.gov)

Axios is the software that many Node.js and browser apps use to send Hypertext Transfer Protocol requests. In the npm registry, Axios 1.15.0 is the latest release, and npm shows more than 174,000 dependent projects. (npmjs.com)

The flaw is not a simple “send one bad input” bug. GitHub’s advisory says Axios can act like a reusable part in a larger attack chain: if another library lets an attacker tamper with JavaScript’s shared object template, Axios can pick up those poisoned values when it builds request headers. (github.com) Those headers are the labels attached to a web request, like an address label on a package. Snyk says Axios did not properly block carriage return and line feed characters in some merged header values, which can let attackers inject extra headers or smuggle a second request inside the first one. (security.snyk.io)

That matters on cloud servers because many workloads can reach a special local address, 169.254.169.254, that returns instance metadata. GitHub’s advisory says the Axios chain can be used to bypass Amazon Web Services Instance Metadata Service Version 2 token protections and pull Identity and Access Management credentials. (github.com)

Snyk adds an important caveat: exploitation depends on other conditions already being present. An attacker first needs a successful prototype-pollution bug in another dependency, and the metadata theft path also requires the app to run on Amazon Web Services with metadata access enabled and network reachability to that endpoint. (security.snyk.io)

The severity scores differ by source. The National Vulnerability Database shows a 10.0 critical score from GitHub’s Common Vulnerability Scoring System Version 3.1 vector, while Snyk assigns a 7.0 score because it treats the attack as requiring special conditions. (nvd.nist.gov) (security.snyk.io)

The timing also lands weeks after a separate Axios incident. Microsoft said malicious Axios npm packages were published on March 31, 2026 in a supply-chain attack, and one independent analysis noted this new CVE is unrelated to that compromise. (microsoft.com) (lilting.ch)

For developers, the immediate step is simple even if the exploit chain is not: upgrade Axios to 1.15.0 or 0.31.0, then look for any dependency that could let attackers poison shared objects in the first place. (nvd.nist.gov) (security.snyk.io)
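A hardened header merge, added here as an illustration and not code from Axios or from any of the cited sources: it copies only an object's own properties, so a value sitting on a tampered prototype is never read, and it rejects carriage return or line feed in any value, which is the check the advisory describes as missing. All function names and the sample headers are invented for the example.

```javascript
// Added example (not Axios code). Two defensive rules for building a header
// block from several config objects: (1) read only own properties, never
// inherited ones; (2) refuse CR/LF in names and values so no header can
// terminate the line and start another header or another request.

const CRLF = /[\r\n]/;
// RFC 7230 token characters allowed in a header name.
const TOKEN = /^[!#$%&'*+.^_`|~0-9A-Za-z-]+$/;

function assertHeaderValue(name, value) {
  if (!TOKEN.test(name)) {
    throw new Error(`invalid header name: ${JSON.stringify(name)}`);
  }
  const str = String(value);
  if (CRLF.test(str)) {
    throw new Error(`CR/LF rejected in header value for ${name}`);
  }
  return str;
}

function mergeHeaders(...sources) {
  // Null-prototype result: nothing can be inherited into the output either.
  const out = Object.create(null);
  for (const src of sources) {
    if (src === null || typeof src !== 'object') continue;
    // Object.keys yields own enumerable keys only, so a key planted on a
    // prototype by a pollution bug elsewhere is never copied.
    for (const name of Object.keys(src)) {
      out[name.toLowerCase()] = assertHeaderValue(name, src[name]);
    }
  }
  return out;
}

// Serialise the validated block; the value check above is what keeps a
// second "header: value" line from being smuggled in through one value.
function serializeHeaders(headers) {
  return Object.keys(headers).map(k => `${k}: ${headers[k]}`).join('\r\n') + '\r\n';
}

// Constructed scenario: a config object whose prototype carries a poisoned
// key with an embedded CRLF, standing in for the effect of a prototype-
// pollution bug in another dependency (no global prototype is modified).
function demo() {
  const poisonedProto = { 'x-injected': 'polluted\r\nx-smuggled: 1' };
  const userHeaders = Object.create(poisonedProto);
  userHeaders['content-type'] = 'application/json';
  const merged = mergeHeaders({ accept: 'application/json' }, userHeaders);
  return { merged, inheritedIgnored: !('x-injected' in merged) };
}
```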
