CVE-2026-48027
BaseFortify
Publication date: 2026-05-27
Last updated on: 2026-05-27
Assigner: GitHub, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nx | nx_console | 18.95.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-506 | The product contains code that appears to be malicious in nature. |
AI Powered Q&A
Can you explain this vulnerability to me?
A malicious version 18.95.0 of Nx Console, the user interface for Nx & Lerna, was briefly published on the Visual Studio Marketplace and OpenVSX in May 2026. This compromised version was available for approximately 18 minutes on Visual Studio Marketplace and about 36 minutes on OpenVSX before being removed. Users are advised to upgrade to version 18.100.0, which is not compromised.
How can this vulnerability impact me?
This CVE covers the distribution of a malicious version of Nx Console and carries a high CVSS score of 9.3, so the potential security impact is severe. Although the compromised version was available only for a short time, users who installed it may have been exposed to malicious actions that required no user interaction or privileges, which indicates a high risk of exploitation.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves a malicious version (18.95.0) of Nx Console that was briefly available on the Visual Studio Marketplace and OpenVSX. Detection means verifying which version of Nx Console is installed on your system: if the version is 18.95.0, it is compromised.
Suggested command to check the version of Nx Console (assuming it is installed as a CLI tool):
- nx-console --version
Alternatively, if Nx Console is installed as a Visual Studio Code extension, check the extension version in the Extensions panel or use the command palette to list installed extensions and their versions.
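One way to run this version check against the extension folders on disk, as an added example (not from the advisory or the Nx project). It assumes the extension id `nrwl.angular-console`, the `<id>-<version>` folder naming, and the listed per-user extension directories; `make_sample_root` builds a constructed tree for trying the check safely.

```shell
#!/usr/bin/env bash
# Added example: find on-disk copies of Nx Console 18.95.0 in editor extension folders.
BAD_VERSION="18.95.0"
# Assumption: installed folders are named <extension id>-<version>; the id is not on the page.
EXT_ID="${EXT_ID:-nrwl.angular-console}"

# First "version" value in an extension manifest (works on pretty or minified JSON).
manifest_version() {
  grep -o '"version"[[:space:]]*:[[:space:]]*"[^"]*"' "$1" | head -n 1 | sed 's/.*"\([^"]*\)"$/\1/'
}

# Scan one extensions root; print "COMPROMISED <dir>" or "ok <version> <dir>".
scan_extension_root() {
  [ -d "$1" ] || return 0
  for dir in "$1"/"$EXT_ID"-*; do
    [ -f "$dir/package.json" ] || continue
    ver=$(manifest_version "$dir/package.json")
    case "${dir##*/}" in
      "$EXT_ID-$BAD_VERSION"|"$EXT_ID-$BAD_VERSION"-*) ver=$BAD_VERSION ;;  # trust the folder name too
    esac
    if [ "$ver" = "$BAD_VERSION" ]; then
      echo "COMPROMISED $dir"
    else
      echo "ok $ver $dir"
    fi
  done
  return 0
}

# Constructed sample tree: the bad build, the fixed build, and an unrelated extension.
make_sample_root() {
  sample=$(mktemp -d)
  for entry in "$EXT_ID-18.95.0" "$EXT_ID-18.100.0" "other.ext-18.95.0"; do
    mkdir -p "$sample/$entry"
    printf '{\n  "name": "sample",\n  "version": "%s"\n}\n' "${entry##*-}" > "$sample/$entry/package.json"
  done
  echo "$sample"
}

# Common per-user extension roots (assumed defaults for VS Code, remote server, VSCodium, Cursor).
scan_default_roots() {
  for root in "$HOME/.vscode/extensions" "$HOME/.vscode-server/extensions" \
              "$HOME/.vscode-oss/extensions" "$HOME/.cursor/extensions"; do
    scan_extension_root "$root"
  done
}

scan_default_roots
```

Any `COMPROMISED` line means version 18.95.0 is on disk for that editor profile; set `EXT_ID` or pass another directory to `scan_extension_root` if your editor stores extensions elsewhere.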
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade Nx Console to version 18.100.0 or later, as this version is not compromised.
If you have version 18.95.0 installed, uninstall it immediately and replace it with the safe version.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The CVE-2026-48027 vulnerability involves a supply chain compromise that led to the distribution of a malicious version of the Nx Console VS Code extension, which harvested and exfiltrated sensitive credentials and secrets from developer environments.
This unauthorized access and exfiltration of credentials, including tokens for cloud infrastructure, CI/CD systems, and password managers, could lead to data breaches and unauthorized access to protected data.
Such breaches may impact compliance with standards and regulations like GDPR and HIPAA, which require protection of personal and sensitive data, prompt breach notification, and implementation of strong security controls to prevent unauthorized access.
Organizations using the compromised version should consider their environments potentially compromised, rotate all credentials, and investigate for indicators of compromise to mitigate risks and maintain compliance.