
Axios, the JavaScript HTTP client powering over 100 million npm downloads every week, is under fire again — this time from a quietly lurking code-level flaw that can hand an attacker the keys to your entire cloud infrastructure without a single line of malicious input touching your own codebase.
Tracked as CVE-2026-40175 with a maximum CVSS score of 10, the vulnerability allows attackers to escalate a simple prototype pollution in a third-party dependency into a total cloud takeover or Remote Code Execution. A public Proof of Concept has already been released, compressing the window for teams to act.
Recently, North Korea's UNC1069 poisoned versions 1.14.1 and 0.30.4 of Axios through a compromised maintainer account, embedding a cross-platform backdoor that reached roughly 100 million weekly downloads and affected approximately 80% of cloud and code environments. That supply chain nightmare has barely cleared, and now developers face a separate, weaponisable code flaw baked into the library itself.
What makes CVE-2026-40175 particularly dangerous is its stealth. The vulnerability requires zero direct user input. If an attacker can pollute Object.prototype via any other library in the stack — such as qs, minimist, ini, or body-parser — Axios will automatically pick up the polluted properties during its config merge. Because the library never sanitises those merged header values for carriage return and line feed (CRLF) characters, the tainted property silently transforms into a request smuggling payload — all while the application code looks completely normal to the developer.
The exploit chain defeats AWS IMDSv2 session token protections, enabling unrestricted cloud metadata exfiltration, authentication bypass via injected Cookie or Authorization headers, and cache poisoning through malicious Host header injection. In containerised or serverless environments, the blast radius extends to full remote code execution.
The vulnerability affects all Axios versions prior to 1.15.0, which contains the fix. The patched release enforces strict CRLF validation in lib/adapters/http.js, rejecting any header value containing invalid characters before it ever reaches the socket.
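To make the mechanism concrete, here is an added example (not Axios's own code) of how an inherited header property planted on a prototype survives a naive for...in config merge, and the two defensive checks a patched merge applies: copy own properties only, and reject any header value containing CR or LF before it can reach a socket. The polluted prototype is constructed with Object.create so the example never touches the real Object.prototype.

```javascript
// Added example, not Axios code: inherited ("polluted") header key leaking
// through a naive merge, beside a hardened merge that stops it.

// Characters that would split one header into two on the wire.
const CRLF_RE = /[\r\n]/;

function isSafeHeaderValue(value) {
  return typeof value === 'string' && !CRLF_RE.test(value);
}

// Naive merge: for...in also walks inherited enumerable properties, so a
// key sitting on the prototype chain lands in the outgoing header set.
function naiveMergeHeaders(defaults, perRequest) {
  const merged = {};
  for (const k in defaults) merged[k] = defaults[k];
  for (const k in perRequest) merged[k] = perRequest[k];
  return merged;
}

// Hardened merge: own keys only, and every value validated before the
// header set is handed to the transport layer.
function safeMergeHeaders(defaults, perRequest) {
  const merged = {};
  for (const source of [defaults, perRequest]) {
    for (const k of Object.keys(source)) {
      const v = source[k];
      if (!isSafeHeaderValue(v)) {
        throw new TypeError(`Invalid character in header "${k}"`);
      }
      merged[k] = v;
    }
  }
  return merged;
}

// Constructed scenario: a prototype standing in for a polluted
// Object.prototype; the per-request config itself only sets one header.
const pollutedProto = { 'X-Injected': 'ok\r\nX-Smuggled: constructed' };
const perRequest = Object.create(pollutedProto);
perRequest['X-Request-Id'] = 'req-123';

const leaked = naiveMergeHeaders({ Accept: '*/*' }, perRequest);
console.log('naive merge picked up:', Object.keys(leaked));
// → naive merge picked up: [ 'Accept', 'X-Request-Id', 'X-Injected' ]

const clean = safeMergeHeaders({ Accept: '*/*' }, perRequest);
console.log('safe merge kept:', Object.keys(clean));
// → safe merge kept: [ 'Accept', 'X-Request-Id' ]
```

Passing a value with an embedded CRLF directly (for example a polluted Cookie header) makes safeMergeHeaders throw, which is the failure mode you want: a rejected request rather than a silently split one.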
What you should do right now:
Run npm install axios@latest or pin to >=1.15.0 in your package.json. Audit your dependency tree for any package that touches Object.prototype — qs, minimist, and body-parser are the most common offenders. If your application runs in AWS, rotate IAM credentials and review CloudTrail logs for unusual metadata service access. Enable dependency scanning in your CI pipeline to catch future pollution vectors before they reach production.