axios — CVE history (npm)

axios

34 CVEs affect the axios npm package (highest CVSS 9.9). Latest disclosed: 2026-06-11. Full CVE history sourced from NVD.

Summary

Package
axios (npm)
Total CVEs
34
Actively exploited (CISA KEV)
0
Highest CVSS
9.9
Latest disclosed
2026-06-11

Recent CVEs (top 20)

CVESeverityCVSSKEVPublishedSummary
CVE-2026-44496High7.52026-06-11Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-44495High7.02026-06-11Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-44494High8.72026-06-11Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-44492High8.62026-06-11Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-44490Medium4.82026-06-11Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-44489Low3.72026-06-11Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-44488High7.52026-06-11Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-44487High7.52026-06-11Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-44486High7.52026-06-11Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-42264High7.42026-05-08Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-42044Medium6.52026-04-24Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-42043High7.22026-04-24Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-42042Medium5.42026-04-24Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-42041Medium4.82026-04-24Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-42040Low3.72026-04-24Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-42039High7.52026-04-24Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-42038Medium6.82026-04-24Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-42037Medium5.32026-04-24Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-42036Medium5.32026-04-24Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-42035High7.42026-04-24Axios is a promise based HTTP client for the browser and Node.js.

All-time worst (top 10 by CVSS)

CVESeverityCVSSKEVPublishedSummary
CVE-2025-62718Critical9.92026-04-09Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-44494High8.72026-06-11Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-44492High8.62026-06-11Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-44496High7.52026-06-11Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-44488High7.52026-06-11Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-44487High7.52026-06-11Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-44486High7.52026-06-11Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-42039High7.52026-04-24Axios is a promise based HTTP client for the browser and Node.js.
CVE-2026-25639High7.52026-02-09Axios is a promise based HTTP client for the browser and Node.js.
CVE-2025-58754High7.52025-09-12Axios is a promise based HTTP client for the browser and Node.js.