CVE-2026-48027
Analyzed Analyzed - Analysis Complete
Typosquatting Malicious Package in Nx Console

Publication date: 2026-05-27

Last updated on: 2026-05-27

Assigner: GitHub, Inc.

Description
Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, 18.95.0, was published at 12:30 PM UTC and removed soon after at 12:48 PM UTC, leaving it available for ~18 minutes in Visual Studio Marketplace. For OpenVSX, the problem was detected later, and the compromised version was available from 12:33 UTC to 13:09 UTC (~36 minutes). Version 18.100.0 of Nx Console is not compromised and users may remediate by upgrading to that version.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-27
Last Modified
2026-05-27
Generated
2026-06-17
AI Q&A
2026-05-27
EPSS Evaluated
2026-06-15
NVD
CVE-2026-48027
EUVD
EUVD-2026-32550
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
nx nx_console 18.95.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-506 The product contains code that appears to be malicious in nature.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

A malicious version 18.95.0 of Nx Console, the user interface for Nx & Lerna, was briefly published on the Visual Studio Marketplace and OpenVSX in May 2026. This compromised version was available for approximately 18 minutes on Visual Studio Marketplace and about 36 minutes on OpenVSX before being removed. Users are advised to upgrade to version 18.100.0, which is not compromised.

Impact Analysis

The vulnerability involves the distribution of a malicious version of Nx Console, which could potentially lead to severe security impacts given its high CVSS score of 9.3. Since the compromised version was available for a short time, users who installed it might have been exposed to malicious actions without requiring user interaction or privileges, indicating a high risk of exploitation.

Detection Guidance

This vulnerability involves a malicious version (18.95.0) of Nx Console that was briefly available on the Visual Studio Marketplace and OpenVSX. Detection would involve verifying the installed version of Nx Console on your system.

You can detect if your system is affected by checking the version of Nx Console installed. If the version is 18.95.0, it is compromised.

Suggested command to check the version of Nx Console (assuming it is installed as a CLI tool):

  • nx-console --version

Alternatively, if Nx Console is installed as a Visual Studio Code extension, check the extension version in the Extensions panel or use the command palette to list installed extensions and their versions.

Mitigation Strategies

The immediate mitigation step is to upgrade Nx Console to version 18.100.0 or later, as this version is not compromised.

If you have version 18.95.0 installed, uninstall it immediately and replace it with the safe version.

Compliance Impact

The CVE-2026-48027 vulnerability involves a supply chain compromise that led to the distribution of a malicious version of the Nx Console VS Code extension, which harvested and exfiltrated sensitive credentials and secrets from developer environments.

This unauthorized access and exfiltration of credentials, including tokens for cloud infrastructure, CI/CD systems, and password managers, could lead to data breaches and unauthorized access to protected data.

Such breaches may impact compliance with standards and regulations like GDPR and HIPAA, which require protection of personal and sensitive data, prompt breach notification, and implementation of strong security controls to prevent unauthorized access.

Organizations using the compromised version should consider their environments potentially compromised, rotate all credentials, and investigate for indicators of compromise to mitigate risks and maintain compliance.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-48027. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart