Количество 3
Количество 3
CVE-2025-10894
Malicious code was inserted into the Nx (build system) package and several related plugins. The tampered package was published to the npm software registry, via a supply-chain attack. Affected versions contain code that scans the file system, collects credentials, and posts them to GitHub as a repo under user's accounts.
CVE-2025-10894
Malicious code was inserted into the Nx (build system) package and several related plugins. The tampered package was published to the npm software registry, via a supply-chain attack. Affected versions contain code that scans the file system, collects credentials, and posts them to GitHub as a repo under user's accounts.
GHSA-cxm3-wv7p-598c
Malicious versions of Nx were published
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-10894 Malicious code was inserted into the Nx (build system) package and several related plugins. The tampered package was published to the npm software registry, via a supply-chain attack. Affected versions contain code that scans the file system, collects credentials, and posts them to GitHub as a repo under user's accounts. | CVSS3: 9.6 | 0% Низкий | 3 месяца назад |
 | CVE-2025-10894 Malicious code was inserted into the Nx (build system) package and several related plugins. The tampered package was published to the npm software registry, via a supply-chain attack. Affected versions contain code that scans the file system, collects credentials, and posts them to GitHub as a repo under user's accounts. | CVSS3: 9.6 | 0% Низкий | 3 месяца назад |
| GHSA-cxm3-wv7p-598c Malicious versions of Nx were published | 0% Низкий | 4 месяца назад |
Уязвимостей на страницу