Vulnerability-Lookup

CVE-2025-54313 (GCVE-0-2025-54313)

Vulnerability from cvelistv5 – Published: 2025-07-19 00:00 – Updated: 2026-01-23 04:55

Summary

eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N

CWE

CWE-506 - Embedded Malicious Code

Assigner

mitre

References

URL

Tags

	https://socket.dev/blog/npm-phishing-campaign-lea…
	https://www.bleepingcomputer.com/news/security/po…
	https://github.com/prettier/eslint-config-prettie…
	https://www.npmjs.com/package/eslint-config-prett…
	https://www.stepsecurity.io/blog/supply-chain-sec…
	https://news.ycombinator.com/item?id=44609732
	https://news.ycombinator.com/item?id=44608811

Impacted products

	Vendor	Product	Version
	prettier	eslint-config-prettier	Affected: 8.10.1 (semver) Affected: 9.1.1 (semver) Affected: 10.1.6 (semver) Affected: 10.1.7 (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-07-21T16:09:03.150Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://github.com/community-scripts/ProxmoxVE/discussions/6115"
          },
          {
            "url": "https://www.endorlabs.com/learn/cve-2025-54313-eslint-config-prettier-compromise----high-severity-but-windows-only"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-54313",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-22T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2026-01-22",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54313"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-23T04:55:18.918Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://www.bleepingcomputer.com/news/security/popular-npm-linter-packages-hijacked-via-phishing-to-drop-malware/"
          },
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54313"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2026-01-22T00:00:00+00:00",
            "value": "CVE-2025-54313 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "eslint-config-prettier",
          "vendor": "prettier",
          "versions": [
            {
              "status": "affected",
              "version": "8.10.1",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "9.1.1",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "10.1.6",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "10.1.7",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-506",
              "description": "CWE-506 Embedded Malicious Code",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-19T16:43:13.088Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://socket.dev/blog/npm-phishing-campaign-leads-to-prettier-tooling-packages-compromise"
        },
        {
          "url": "https://www.bleepingcomputer.com/news/security/popular-npm-linter-packages-hijacked-via-phishing-to-drop-malware/"
        },
        {
          "url": "https://github.com/prettier/eslint-config-prettier/issues/339"
        },
        {
          "url": "https://www.npmjs.com/package/eslint-config-prettier?activeTab=versions"
        },
        {
          "url": "https://www.stepsecurity.io/blog/supply-chain-security-alert-eslint-config-prettier-package-shows-signs-of-compromise"
        },
        {
          "url": "https://news.ycombinator.com/item?id=44609732"
        },
        {
          "url": "https://news.ycombinator.com/item?id=44608811"
        }
      ],
      "x_generator": {
        "engine": "enrichogram 0.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2025-54313",
    "datePublished": "2025-07-19T00:00:00.000Z",
    "dateReserved": "2025-07-19T00:00:00.000Z",
    "dateUpdated": "2026-01-23T04:55:18.918Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2025-54313",
      "cwes": "[\"CWE-506\"]",
      "dateAdded": "2026-01-22",
      "dueDate": "2026-02-12",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://www.npmjs.com/package/eslint-config-prettier?activeTab=versions ; https://github.com/prettier/eslint-config-prettier/issues/339#issuecomment-3090304490 ; https://nvd.nist.gov/vuln/detail/CVE-2025-54313",
      "product": "eslint-config-prettier",
      "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
      "shortDescription": "Prettier eslint-config-prettier contains an embedded malicious code vulnerability. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows.",
      "vendorProject": "Prettier",
      "vulnerabilityName": "Prettier eslint-config-prettier Embedded Malicious Code Vulnerability"
    },
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/community-scripts/ProxmoxVE/discussions/6115\"}, {\"url\": \"https://www.endorlabs.com/learn/cve-2025-54313-eslint-config-prettier-compromise----high-severity-but-windows-only\"}], \"x_generator\": {\"engine\": \"ADPogram 0.0.1\"}, \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-07-21T16:09:03.150Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-54313\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-01-22T18:24:35.903130Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2026-01-22\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54313\"}}}], \"references\": [{\"url\": \"https://www.bleepingcomputer.com/news/security/popular-npm-linter-packages-hijacked-via-phishing-to-drop-malware/\", \"tags\": [\"exploit\"]}, {\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54313\", \"tags\": [\"government-resource\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-07-23T14:44:00.748Z\"}, \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-01-22T00:00:00+00:00\", \"value\": \"CVE-2025-54313 added to CISA KEV\"}]}], \"cna\": {\"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N\"}}], \"affected\": [{\"vendor\": \"prettier\", \"product\": \"eslint-config-prettier\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.10.1\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"9.1.1\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"10.1.6\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"10.1.7\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://socket.dev/blog/npm-phishing-campaign-leads-to-prettier-tooling-packages-compromise\"}, {\"url\": \"https://www.bleepingcomputer.com/news/security/popular-npm-linter-packages-hijacked-via-phishing-to-drop-malware/\"}, {\"url\": \"https://github.com/prettier/eslint-config-prettier/issues/339\"}, {\"url\": \"https://www.npmjs.com/package/eslint-config-prettier?activeTab=versions\"}, {\"url\": \"https://www.stepsecurity.io/blog/supply-chain-security-alert-eslint-config-prettier-package-shows-signs-of-compromise\"}, {\"url\": \"https://news.ycombinator.com/item?id=44609732\"}, {\"url\": \"https://news.ycombinator.com/item?id=44608811\"}], \"x_generator\": {\"engine\": \"enrichogram 0.0.1\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-506\", \"description\": \"CWE-506 Embedded Malicious Code\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2025-07-19T16:43:13.088Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-54313\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-01-23T04:55:18.918Z\", \"dateReserved\": \"2025-07-19T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2025-07-19T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

GHSA-F29H-PXVX-F335

Vulnerability from github – Published: 2025-07-19 18:30 – Updated: 2026-01-22 21:52

Summary

eslint-config-prettier, eslint-plugin-prettier, synckit, @pkgr/core, napi-postinstall have embedded malicious code

Details

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "eslint-config-prettier"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.10.1"
            },
            {
              "fixed": "8.10.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "8.10.1"
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "eslint-config-prettier"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "9.1.1"
            },
            {
              "fixed": "9.1.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "9.1.1"
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 10.1.7"
      },
      "package": {
        "ecosystem": "npm",
        "name": "eslint-config-prettier"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "10.1.6"
            },
            {
              "fixed": "10.1.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 4.2.3"
      },
      "package": {
        "ecosystem": "npm",
        "name": "eslint-plugin-prettier"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.2.2"
            },
            {
              "fixed": "4.2.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "synckit"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.11.9"
            },
            {
              "fixed": "0.11.10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "0.11.9"
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "@pkgr/core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.2.8"
            },
            {
              "fixed": "0.2.9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "0.2.8"
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "napi-postinstall"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.3.1"
            },
            {
              "fixed": "0.3.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "0.3.1"
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 5.1.12"
      },
      "package": {
        "ecosystem": "npm",
        "name": "got-fetch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.1.11"
            },
            {
              "fixed": "6.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-54313"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-506"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-07-21T21:01:18Z",
    "nvd_published_at": "2025-07-19T17:15:23Z",
    "severity": "HIGH"
  },
  "details": "eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows.",
  "id": "GHSA-f29h-pxvx-f335",
  "modified": "2026-01-22T21:52:56Z",
  "published": "2025-07-19T18:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54313"
    },
    {
      "type": "WEB",
      "url": "https://github.com/prettier/eslint-config-prettier/issues/339"
    },
    {
      "type": "WEB",
      "url": "https://github.com/prettier/eslint-config-prettier/commit/9b0b0a47ec28a7a83cf65e8436a8776910379385"
    },
    {
      "type": "WEB",
      "url": "https://github.com/prettier/eslint-plugin-prettier/commit/ec39dd4400f10c52d10cd991c10fa8de51ceb854"
    },
    {
      "type": "WEB",
      "url": "https://github.com/un-ts/napi-postinstall/commit/38b4e95cf554e2549b9e1e2c4ff6bff4da9a65f9"
    },
    {
      "type": "WEB",
      "url": "https://github.com/un-ts/pkgr/commit/e1420c99e44d8a2ae949381f9fbe1af5ba9cb1dd"
    },
    {
      "type": "WEB",
      "url": "https://github.com/un-ts/synckit/commit/8f2ee32d4f75736a1c8d7e1101190a71e48909e4"
    },
    {
      "type": "WEB",
      "url": "https://www.stepsecurity.io/blog/supply-chain-security-alert-eslint-config-prettier-package-shows-signs-of-compromise"
    },
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/package/eslint-config-prettier?activeTab=versions"
    },
    {
      "type": "WEB",
      "url": "https://www.endorlabs.com/learn/cve-2025-54313-eslint-config-prettier-compromise----high-severity-but-windows-only"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54313"
    },
    {
      "type": "WEB",
      "url": "https://www.bleepingcomputer.com/news/security/popular-npm-linter-packages-hijacked-via-phishing-to-drop-malware"
    },
    {
      "type": "WEB",
      "url": "https://socket.dev/blog/npm-phishing-campaign-leads-to-prettier-tooling-packages-compromise"
    },
    {
      "type": "WEB",
      "url": "https://secure.software/npm/packages/got-fetch"
    },
    {
      "type": "WEB",
      "url": "https://news.ycombinator.com/item?id=44609732"
    },
    {
      "type": "WEB",
      "url": "https://news.ycombinator.com/item?id=44608811"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/prettier/eslint-config-prettier"
    },
    {
      "type": "WEB",
      "url": "https://github.com/community-scripts/ProxmoxVE/discussions/6115"
    },
    {
      "type": "WEB",
      "url": "https://checkmarx.com/zero-post/supply-chain-phishing-campaign-drops-more-malware-into-npm-got-fetch-5-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "eslint-config-prettier, eslint-plugin-prettier, synckit, @pkgr/core, napi-postinstall have embedded malicious code"
}

CERTFR-2026-AVI-0109

Vulnerability from certfr_avis - Published: 2026-01-30 - Updated: 2026-01-30

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
IBM	QRadar	QRadar User Behavior Analytics versions antérieures à 5.1.0
IBM	Tivoli	Tivoli Application Dependency Discovery Manager version 7.3.0 sans le dernier correctif de sécurité
IBM	Db2	Db2 versions 12.1.x antérieures à 12.1.2 sans le correctif de sécurité #72296
IBM	Db2	DB2 Data Management Console versions 3.1.1x antérieures à 3.1.13.2
IBM	WebSphere	WebSphere Application Server version 9.0 avec IBM SDK, Java Technology Edition Version 8 SR8 FP 60
IBM	WebSphere	WebSphere Application Server version 8.5 avec IBM SDK, Java Technology Edition Version 8 SR8 FP 60
IBM	Db2	Db2 Big SQL on Cloud Pak for Data versions 7.8 sur Cloud Pak for Data 5.1 antérieures à 8.3 sur Cloud Pak for Data 5.3
IBM	Db2	Db2 versions 11.5.x antérieures à 11.5.9 sans le correctif de sécurité #66394
IBM	Db2	Db2 version 12.1.3 sans le correctif de sécurité #71609
IBM	Db2	Db2 Big SQL on Cloud Pak for Data versions 7.6 sur Cloud Pak for Data 4.8 antérieures à 8.3 sur Cloud Pak for Data 5.3
IBM	Db2	Db2 Big SQL on Cloud Pak for Data versions 8.2 sur Cloud Pak for Data 5.2 antérieures à 8.3 sur Cloud Pak for Data 5.3
IBM	WebSphere	WebSphere Application Server Liberty versions 17.0.0.3 à 26.0.0.1 sans le correctif de sécurité PH69485 ou antérieures à 26.0.0.2 (disponibilité prévue pour le premier trimestre 2026)
IBM	QRadar SIEM	QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP14 IF04
IBM	Db2	Db2 Big SQL on Cloud Pak for Data versions 7.7 sur Cloud Pak for Data 5.0 antérieures à 8.3 sur Cloud Pak for Data 5.3

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 5691194	2026-01-28	vendor-advisory
Bulletin de sécurité IBM 7258104	2026-01-27	vendor-advisory
Bulletin de sécurité IBM 7258234	2026-01-28	vendor-advisory
Bulletin de sécurité IBM 7258110	2026-01-27	vendor-advisory
Bulletin de sécurité IBM 7257910	2026-01-23	vendor-advisory
Bulletin de sécurité IBM 7257899	2026-01-23	vendor-advisory
Bulletin de sécurité IBM 7258042	2026-01-26	vendor-advisory
Bulletin de sécurité IBM 7257904	2026-01-23	vendor-advisory
Bulletin de sécurité IBM 7257903	2026-01-23	vendor-advisory
Bulletin de sécurité IBM 7257901	2026-01-23	vendor-advisory
Bulletin de sécurité IBM 7257898	2026-01-23	vendor-advisory
Bulletin de sécurité IBM 7257900	2026-01-23	vendor-advisory
Bulletin de sécurité IBM 7257978	2026-01-25	vendor-advisory
Bulletin de sécurité IBM 7257902	2026-01-23	vendor-advisory
Bulletin de sécurité IBM 7257519	2026-01-29	vendor-advisory
Bulletin de sécurité IBM 7258331	2026-01-29	vendor-advisory
Bulletin de sécurité IBM 7257633	2026-01-29	vendor-advisory
Bulletin de sécurité IBM 7258232	2026-01-28	vendor-advisory
Bulletin de sécurité IBM 7258224	2026-01-28	vendor-advisory
Bulletin de sécurité IBM 7257678	2026-01-29	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "QRadar User Behavior Analytics versions ant\u00e9rieures \u00e0 5.1.0",
      "product": {
        "name": "QRadar",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Tivoli Application Dependency Discovery Manager version 7.3.0 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "Tivoli",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Db2 versions 12.1.x ant\u00e9rieures \u00e0 12.1.2 sans le correctif de s\u00e9curit\u00e9 #72296",
      "product": {
        "name": "Db2",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "DB2 Data Management Console versions 3.1.1x ant\u00e9rieures \u00e0 3.1.13.2",
      "product": {
        "name": "Db2",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "WebSphere Application Server version 9.0 avec IBM SDK, Java Technology Edition Version 8 SR8 FP 60",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "WebSphere Application Server version 8.5 avec IBM SDK, Java Technology Edition Version 8 SR8 FP 60",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Db2 Big SQL on Cloud Pak for Data versions 7.8 sur Cloud Pak for Data 5.1 ant\u00e9rieures \u00e0 8.3 sur Cloud Pak for Data 5.3",
      "product": {
        "name": "Db2",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Db2 versions 11.5.x ant\u00e9rieures \u00e0 11.5.9 sans le correctif de s\u00e9curit\u00e9 #66394",
      "product": {
        "name": "Db2",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Db2 version 12.1.3 sans le correctif de s\u00e9curit\u00e9 #71609",
      "product": {
        "name": "Db2",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Db2 Big SQL on Cloud Pak for Data versions 7.6 sur Cloud Pak for Data 4.8 ant\u00e9rieures \u00e0 8.3 sur Cloud Pak for Data 5.3",
      "product": {
        "name": "Db2",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Db2 Big SQL on Cloud Pak for Data versions 8.2 sur Cloud Pak for Data 5.2 ant\u00e9rieures \u00e0 8.3 sur Cloud Pak for Data 5.3",
      "product": {
        "name": "Db2",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "WebSphere Application Server Liberty versions 17.0.0.3 \u00e0 26.0.0.1 sans le correctif de s\u00e9curit\u00e9 PH69485 ou ant\u00e9rieures \u00e0 26.0.0.2 (disponibilit\u00e9 pr\u00e9vue pour le premier trimestre 2026)",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP14 IF04",
      "product": {
        "name": "QRadar SIEM",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Db2 Big SQL on Cloud Pak for Data versions 7.7 sur Cloud Pak for Data 5.0 ant\u00e9rieures \u00e0 8.3 sur Cloud Pak for Data 5.3",
      "product": {
        "name": "Db2",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-2534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2534"
    },
    {
      "name": "CVE-2023-1370",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
    },
    {
      "name": "CVE-2016-2193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2193"
    },
    {
      "name": "CVE-2024-4068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
    },
    {
      "name": "CVE-2022-2596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2596"
    },
    {
      "name": "CVE-2025-41234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-41234"
    },
    {
      "name": "CVE-2025-46762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46762"
    },
    {
      "name": "CVE-2025-36131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-36131"
    },
    {
      "name": "CVE-2025-56200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-56200"
    },
    {
      "name": "CVE-2024-37071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37071"
    },
    {
      "name": "CVE-2019-9515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9515"
    },
    {
      "name": "CVE-2025-36384",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-36384"
    },
    {
      "name": "CVE-2024-47118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47118"
    },
    {
      "name": "CVE-2025-36184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-36184"
    },
    {
      "name": "CVE-2022-25883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
    },
    {
      "name": "CVE-2025-48050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48050"
    },
    {
      "name": "CVE-2025-24970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
    },
    {
      "name": "CVE-2019-9514",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9514"
    },
    {
      "name": "CVE-2025-41248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
    },
    {
      "name": "CVE-2024-13009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-13009"
    },
    {
      "name": "CVE-2025-57810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-57810"
    },
    {
      "name": "CVE-2024-41761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41761"
    },
    {
      "name": "CVE-2025-58057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
    },
    {
      "name": "CVE-2026-21925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21925"
    },
    {
      "name": "CVE-2025-22233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
    },
    {
      "name": "CVE-2025-36136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-36136"
    },
    {
      "name": "CVE-2024-38809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
    },
    {
      "name": "CVE-2024-4067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
    },
    {
      "name": "CVE-2022-33987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-33987"
    },
    {
      "name": "CVE-2024-30172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
    },
    {
      "name": "CVE-2024-51744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
    },
    {
      "name": "CVE-2024-38820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
    },
    {
      "name": "CVE-2024-45338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
    },
    {
      "name": "CVE-2023-48795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
    },
    {
      "name": "CVE-2024-10977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10977"
    },
    {
      "name": "CVE-2025-36006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-36006"
    },
    {
      "name": "CVE-2024-48949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-48949"
    },
    {
      "name": "CVE-2025-36186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-36186"
    },
    {
      "name": "CVE-2025-7783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
    },
    {
      "name": "CVE-2025-27152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27152"
    },
    {
      "name": "CVE-2025-12758",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12758"
    },
    {
      "name": "CVE-2025-6493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6493"
    },
    {
      "name": "CVE-2025-33012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33012"
    },
    {
      "name": "CVE-2024-48948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-48948"
    },
    {
      "name": "CVE-2025-64720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-64720"
    },
    {
      "name": "CVE-2024-7348",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7348"
    },
    {
      "name": "CVE-2022-37601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37601"
    },
    {
      "name": "CVE-2025-25977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-25977"
    },
    {
      "name": "CVE-2024-10976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10976"
    },
    {
      "name": "CVE-2025-11083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11083"
    },
    {
      "name": "CVE-2024-6763",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6763"
    },
    {
      "name": "CVE-2025-66471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
    },
    {
      "name": "CVE-2026-21441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
    },
    {
      "name": "CVE-2025-65018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-65018"
    },
    {
      "name": "CVE-2025-55163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
    },
    {
      "name": "CVE-2025-54313",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-54313"
    },
    {
      "name": "CVE-2025-66293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66293"
    },
    {
      "name": "CVE-2025-58457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58457"
    },
    {
      "name": "CVE-2025-66221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66221"
    },
    {
      "name": "CVE-2022-22968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22968"
    },
    {
      "name": "CVE-2025-39697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39697"
    },
    {
      "name": "CVE-2025-29907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-29907"
    },
    {
      "name": "CVE-2024-47535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
    },
    {
      "name": "CVE-2025-9086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
    },
    {
      "name": "CVE-2024-41762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41762"
    },
    {
      "name": "CVE-2021-23413",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23413"
    },
    {
      "name": "CVE-2025-26791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-26791"
    },
    {
      "name": "CVE-2025-39971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39971"
    },
    {
      "name": "CVE-2019-9517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9517"
    },
    {
      "name": "CVE-2022-41721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41721"
    },
    {
      "name": "CVE-2025-58056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
    },
    {
      "name": "CVE-2022-25881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25881"
    },
    {
      "name": "CVE-2024-38828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
    },
    {
      "name": "CVE-2024-57965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57965"
    },
    {
      "name": "CVE-2025-22869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
    },
    {
      "name": "CVE-2024-10978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10978"
    },
    {
      "name": "CVE-2025-25193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
    },
    {
      "name": "CVE-2026-21945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21945"
    },
    {
      "name": "CVE-2025-22870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
    },
    {
      "name": "CVE-2023-2455",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2455"
    },
    {
      "name": "CVE-2024-40679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40679"
    },
    {
      "name": "CVE-2025-5889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5889"
    },
    {
      "name": "CVE-2024-30171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
    },
    {
      "name": "CVE-2019-9518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9518"
    },
    {
      "name": "CVE-2022-38900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38900"
    },
    {
      "name": "CVE-2025-14914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14914"
    },
    {
      "name": "CVE-2025-27789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
    },
    {
      "name": "CVE-2025-48924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
    },
    {
      "name": "CVE-2024-47072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47072"
    },
    {
      "name": "CVE-2025-41249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
    },
    {
      "name": "CVE-2025-27363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27363"
    },
    {
      "name": "CVE-2022-37599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37599"
    },
    {
      "name": "CVE-2023-26136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26136"
    },
    {
      "name": "CVE-2019-9512",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9512"
    },
    {
      "name": "CVE-2025-30204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
    },
    {
      "name": "CVE-2024-45663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45663"
    },
    {
      "name": "CVE-2025-33134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33134"
    },
    {
      "name": "CVE-2019-9513",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9513"
    },
    {
      "name": "CVE-2025-58754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
    },
    {
      "name": "CVE-2024-38816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
    },
    {
      "name": "CVE-2022-25858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25858"
    },
    {
      "name": "CVE-2024-57699",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57699"
    },
    {
      "name": "CVE-2024-10979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10979"
    },
    {
      "name": "CVE-2025-66418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
    },
    {
      "name": "CVE-2025-36185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-36185"
    },
    {
      "name": "CVE-2025-48734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
    }
  ],
  "initial_release_date": "2026-01-30T00:00:00",
  "last_revision_date": "2026-01-30T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0109",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-01-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": "2026-01-28",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 5691194",
      "url": "https://www.ibm.com/support/pages/node/5691194"
    },
    {
      "published_at": "2026-01-27",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7258104",
      "url": "https://www.ibm.com/support/pages/node/7258104"
    },
    {
      "published_at": "2026-01-28",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7258234",
      "url": "https://www.ibm.com/support/pages/node/7258234"
    },
    {
      "published_at": "2026-01-27",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7258110",
      "url": "https://www.ibm.com/support/pages/node/7258110"
    },
    {
      "published_at": "2026-01-23",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7257910",
      "url": "https://www.ibm.com/support/pages/node/7257910"
    },
    {
      "published_at": "2026-01-23",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7257899",
      "url": "https://www.ibm.com/support/pages/node/7257899"
    },
    {
      "published_at": "2026-01-26",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7258042",
      "url": "https://www.ibm.com/support/pages/node/7258042"
    },
    {
      "published_at": "2026-01-23",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7257904",
      "url": "https://www.ibm.com/support/pages/node/7257904"
    },
    {
      "published_at": "2026-01-23",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7257903",
      "url": "https://www.ibm.com/support/pages/node/7257903"
    },
    {
      "published_at": "2026-01-23",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7257901",
      "url": "https://www.ibm.com/support/pages/node/7257901"
    },
    {
      "published_at": "2026-01-23",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7257898",
      "url": "https://www.ibm.com/support/pages/node/7257898"
    },
    {
      "published_at": "2026-01-23",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7257900",
      "url": "https://www.ibm.com/support/pages/node/7257900"
    },
    {
      "published_at": "2026-01-25",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7257978",
      "url": "https://www.ibm.com/support/pages/node/7257978"
    },
    {
      "published_at": "2026-01-23",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7257902",
      "url": "https://www.ibm.com/support/pages/node/7257902"
    },
    {
      "published_at": "2026-01-29",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7257519",
      "url": "https://www.ibm.com/support/pages/node/7257519"
    },
    {
      "published_at": "2026-01-29",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7258331",
      "url": "https://www.ibm.com/support/pages/node/7258331"
    },
    {
      "published_at": "2026-01-29",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7257633",
      "url": "https://www.ibm.com/support/pages/node/7257633"
    },
    {
      "published_at": "2026-01-28",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7258232",
      "url": "https://www.ibm.com/support/pages/node/7258232"
    },
    {
      "published_at": "2026-01-28",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7258224",
      "url": "https://www.ibm.com/support/pages/node/7258224"
    },
    {
      "published_at": "2026-01-29",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7257678",
      "url": "https://www.ibm.com/support/pages/node/7257678"
    }
  ]
}

FKIE_CVE-2025-54313

Vulnerability from fkie_nvd - Published: 2025-07-19 17:15 - Updated: 2026-01-23 18:33

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N

Summary

References

URL	Tags
cve@mitre.org	https://github.com/prettier/eslint-config-prettier/issues/339	Issue Tracking
cve@mitre.org	https://news.ycombinator.com/item?id=44608811	Issue Tracking
cve@mitre.org	https://news.ycombinator.com/item?id=44609732	Issue Tracking
cve@mitre.org	https://socket.dev/blog/npm-phishing-campaign-leads-to-prettier-tooling-packages-compromise	Third Party Advisory
cve@mitre.org	https://www.bleepingcomputer.com/news/security/popular-npm-linter-packages-hijacked-via-phishing-to-drop-malware/	Exploit, Third Party Advisory
cve@mitre.org	https://www.npmjs.com/package/eslint-config-prettier?activeTab=versions	Product
cve@mitre.org	https://www.stepsecurity.io/blog/supply-chain-security-alert-eslint-config-prettier-package-shows-signs-of-compromise	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/community-scripts/ProxmoxVE/discussions/6115	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.endorlabs.com/learn/cve-2025-54313-eslint-config-prettier-compromise----high-severity-but-windows-only	Third Party Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.bleepingcomputer.com/news/security/popular-npm-linter-packages-hijacked-via-phishing-to-drop-malware/	Exploit, Third Party Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54313	US Government Resource

Impacted products

Vendor	Product	Version
prettier	eslint-config-prettier	8.10.1
prettier	eslint-config-prettier	9.1.1
prettier	eslint-config-prettier	10.1.6
prettier	eslint-config-prettier	10.1.7
microsoft	windows	-
prettier	eslint-plugin-prettier	4.2.2
prettier	eslint-plugin-prettier	4.2.3
microsoft	windows	-
un-ts	synckit	0.11.9
microsoft	windows	-
un-ts	pkgr\/core	0.2.8
microsoft	windows	-
alexghr	got-fetch	5.1.1
alexghr	got-fetch	5.1.2
microsoft	windows	-
un-ts	napi-postinstall	0.3.1
microsoft	windows	-
homarr	homarr	*
microsoft	windows	-

JSON

To clipboard

{
  "cisaActionDue": "2026-02-12",
  "cisaExploitAdd": "2026-01-22",
  "cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
  "cisaVulnerabilityName": "Prettier eslint-config-prettier Embedded Malicious Code Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:prettier:eslint-config-prettier:8.10.1:*:*:*:*:node.js:*:*",
              "matchCriteriaId": "B43B0C8D-0662-45E9-ADA9-AA6A8A5AC042",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:prettier:eslint-config-prettier:9.1.1:*:*:*:*:node.js:*:*",
              "matchCriteriaId": "9CAD3812-C7C4-443C-BFFE-3B7751EBCB38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:prettier:eslint-config-prettier:10.1.6:*:*:*:*:node.js:*:*",
              "matchCriteriaId": "64749F3A-C896-4133-8C21-4C2439780CB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:prettier:eslint-config-prettier:10.1.7:*:*:*:*:node.js:*:*",
              "matchCriteriaId": "C9CE9AC7-568C-43CF-8417-ADA21CECB3A5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:prettier:eslint-plugin-prettier:4.2.2:*:*:*:*:node.js:*:*",
              "matchCriteriaId": "3A8983B4-86E8-4B13-95A1-EEF13107122B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:prettier:eslint-plugin-prettier:4.2.3:*:*:*:*:node.js:*:*",
              "matchCriteriaId": "F22A30A9-BA7F-4B49-8C9B-547E79F1CD46",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:un-ts:synckit:0.11.9:*:*:*:*:node.js:*:*",
              "matchCriteriaId": "92E47D68-A074-4FFD-8A7C-91BC032A95E1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:un-ts:pkgr\\/core:0.2.8:*:*:*:*:node.js:*:*",
              "matchCriteriaId": "CDB0E59B-E301-4686-88E0-A107B823FE77",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:alexghr:got-fetch:5.1.1:*:*:*:*:node.js:*:*",
              "matchCriteriaId": "9839FE3B-999A-4CA8-AE29-C6854B13A1FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:alexghr:got-fetch:5.1.2:*:*:*:*:node.js:*:*",
              "matchCriteriaId": "6AA8D543-56F5-438E-B99B-ECD89642C416",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:un-ts:napi-postinstall:0.3.1:*:*:*:*:node.js:*:*",
              "matchCriteriaId": "044AD411-E619-4FAE-8506-3C44FBBC5666",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:homarr:homarr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3427958-A7B3-4FBA-A8D8-7F04C04E5F2F",
              "versionEndExcluding": "1.30.0",
              "versionStartIncluding": "1.29.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows."
    },
    {
      "lang": "es",
      "value": "eslint-config-prettier 8.10.1, 9.1.1, 10.1.6 y 10.1.7 contiene c\u00f3digo malicioso que compromete la cadena de suministro. Al instalar un paquete afectado, se ejecuta un archivo install.js que lanza el malware node-gyp.dll en Windows."
    }
  ],
  "id": "CVE-2025-54313",
  "lastModified": "2026-01-23T18:33:09.503",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 4.7,
        "source": "cve@mitre.org",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-07-19T17:15:23.733",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/prettier/eslint-config-prettier/issues/339"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://news.ycombinator.com/item?id=44608811"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://news.ycombinator.com/item?id=44609732"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://socket.dev/blog/npm-phishing-campaign-leads-to-prettier-tooling-packages-compromise"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.bleepingcomputer.com/news/security/popular-npm-linter-packages-hijacked-via-phishing-to-drop-malware/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Product"
      ],
      "url": "https://www.npmjs.com/package/eslint-config-prettier?activeTab=versions"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.stepsecurity.io/blog/supply-chain-security-alert-eslint-config-prettier-package-shows-signs-of-compromise"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/community-scripts/ProxmoxVE/discussions/6115"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.endorlabs.com/learn/cve-2025-54313-eslint-config-prettier-compromise----high-severity-but-windows-only"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.bleepingcomputer.com/news/security/popular-npm-linter-packages-hijacked-via-phishing-to-drop-malware/"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54313"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-506"
        }
      ],
      "source": "cve@mitre.org",
      "type": "Secondary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-54313 (GCVE-0-2025-54313)

GHSA-F29H-PXVX-F335

CERTFR-2026-AVI-0109

Solutions

FKIE_CVE-2025-54313

Tags

Sightings

Nomenclature