Axios library zero-day risk
A critical vulnerability in the Axios HTTP library (CVE‑2026‑40175) can be exploited via prototype pollution, SSRF, and request smuggling to achieve remote code execution and potentially access AWS IMDSv2 credentials, with a public proof‑of‑concept circulating. Immediate patching and review of affected services were urged by security researchers. (x.com)
Axios, one of the most widely used JavaScript tools for making web requests, shipped a critical fix in version 1.15.0 after a newly disclosed flaw let attackers turn another bug elsewhere in an app into remote code execution or cloud credential theft. (github.com) Axios is the package many Node.js services use to send application programming interface calls. GitHub’s advisory for CVE-2026-40175 says affected versions are older than 1.15.0, and the National Vulnerability Database says the issue is fixed in 1.15.0 and 0.31.0. (github.com) (nvd.nist.gov)

The bug is not a simple “send one bad request” flaw. GitHub said Axios can act as a “gadget,” meaning an attacker first pollutes JavaScript’s shared object template through some other vulnerable dependency, then Axios unknowingly picks up the poisoned values when it builds headers for an outbound request. (github.com) Headers are the labels attached to a web request, like address fields on an envelope. The advisory says Axios failed to strip carriage return and line feed characters from merged header values, which let a polluted header break one request into multiple requests — a technique known as request smuggling. (github.com) (security.snyk.io)

That matters in cloud environments because many servers can reach internal-only services that outside users cannot. GitHub’s example shows a poisoned Axios header being used to send a forged PUT request to Amazon Web Services’ instance metadata service at 169.254.169.254. (github.com) Amazon Web Services’ newer metadata system, Instance Metadata Service Version 2, requires a session token created with a PUT request and a time-to-live header before metadata can be read. GitHub’s proof-of-concept uses that exact pattern, including the `X-aws-ec2-metadata-token-ttl-seconds` header set to 21,600 seconds. (docs.aws.amazon.com) (github.com) If that forged request succeeds, the attacker can obtain the token needed to query metadata and potentially steal Identity and Access Management credentials attached to the instance.

GitHub scored the flaw critical at 9.9, while the National Vulnerability Database shows a 10.0 critical score from GitHub’s Common Vulnerability Scoring System submission. (github.com) (nvd.nist.gov) Snyk said exploitation depends on a prior prototype-pollution bug in another package and, for the cloud-credential path, on the application running in Amazon Web Services with metadata access enabled. Snyk also said one malformed-header path may be blocked in many setups by Node.js header validation, though the maintainer advisory describes broader impact including internal pivoting and authorization-header injection. (security.snyk.io) (github.com)

Axios maintainers published the GitHub-reviewed advisory on April 10, 2026, and the project’s release page says version 1.15.0 includes two critical security patches. For teams running Node.js services, the immediate work is narrow but urgent: upgrade Axios, then check whether any service that makes outbound requests also carries older prototype-pollution-prone dependencies. (github.com 1) (github.com 2)
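The gadget mechanism described above, shown as an added example that is not Axios’s own code: a naive header merge that walks inherited properties and copies values verbatim, next to a hardened merge that reads only own properties and rejects carriage return and line feed characters in values. The polluted header name `X-Injected`, its value, the `X-Custom` header and the `/api` path are constructed for this demonstration; the pollution is applied inside `demo()` to stand in for the prior prototype-pollution bug and is removed again afterwards.

```javascript
// Added example, not Axios's own code: a naive header merge that acts as a
// prototype-pollution gadget, next to a hardened merge that does not.

// Naive merge: for...in visits inherited enumerable keys, so a key planted on
// Object.prototype by some other bug is copied into the outbound headers, and
// its value is copied verbatim, CR/LF included.
function mergeHeadersNaive(defaults, perRequest) {
  const out = {};
  for (const k in defaults) out[k] = defaults[k];
  for (const k in perRequest) out[k] = perRequest[k];
  return out;
}

// Hardened merge: own enumerable keys only (Object.entries), a null-prototype
// result, a header-name check, and rejection of CR, LF and NUL in values.
const HEADER_NAME = /^[!#$%&'*+.^_`|~0-9A-Za-z-]+$/; // RFC 7230 token
const FORBIDDEN_IN_VALUE = /[\r\n\0]/;

function mergeHeadersSafe(defaults, perRequest) {
  const out = Object.create(null);
  for (const src of [defaults, perRequest]) {
    for (const [name, value] of Object.entries(src)) {
      if (!HEADER_NAME.test(name)) {
        throw new TypeError(`invalid header name ${JSON.stringify(name)}`);
      }
      const text = String(value);
      if (FORBIDDEN_IN_VALUE.test(text)) {
        throw new TypeError(`CR/LF in value of header ${name}`);
      }
      out[name] = text;
    }
  }
  return out;
}

// Serialize a request head the way it would go on the wire, so the effect of
// an unstripped CRLF is visible as extra header lines.
function serializeRequestHead(method, path, headers) {
  const lines = [`${method} ${path} HTTP/1.1`];
  for (const [name, value] of Object.entries(headers)) lines.push(`${name}: ${value}`);
  return lines.join('\r\n') + '\r\n\r\n';
}

// Number of header lines actually present on the wire (request line excluded).
function countHeaderLines(raw) {
  return raw.split('\r\n\r\n')[0].split('\r\n').length - 1;
}

// Simulates a prior prototype-pollution bug, runs both merges, then cleans up.
// Header name, value and path are constructed for this demonstration.
function demo() {
  const POLLUTED_KEY = 'X-Injected';
  Object.prototype[POLLUTED_KEY] = 'a\r\nX-Extra: b'; // constructed polluted value
  try {
    const defaults = { Accept: 'application/json' };
    const naive = mergeHeadersNaive(defaults, {});
    const safe = mergeHeadersSafe(defaults, {});
    // An explicit CR/LF supplied per request must be rejected outright.
    let explicitCrlfRejected = false;
    try {
      mergeHeadersSafe({}, { 'X-Custom': 'ok\r\nX-Extra: b' });
    } catch (e) {
      explicitCrlfRejected = e instanceof TypeError;
    }
    return {
      naiveHasInjected: Object.prototype.hasOwnProperty.call(naive, POLLUTED_KEY),
      naiveHeaderLines: countHeaderLines(serializeRequestHead('GET', '/api', naive)),
      safeHasInjected: Object.prototype.hasOwnProperty.call(safe, POLLUTED_KEY),
      safeHeaderLines: countHeaderLines(serializeRequestHead('GET', '/api', safe)),
      explicitCrlfRejected,
    };
  } finally {
    delete Object.prototype[POLLUTED_KEY]; // undo the simulated pollution
  }
}

console.log(demo());
```

With the pollution in place, the naive merge ends up with the injected key as an own property and the serialized head carries three header lines although only one header was configured; the hardened merge never sees the inherited key and throws on a value that contains CR or LF. Node’s built-in http module performs its own header validation and rejects such values, which is why Snyk said one malformed-header path may be blocked in many setups; doing the check in the merge layer still matters because the same merged object may be consumed by a different adapter or logged before it reaches that validation.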