CVE-2025-54313

eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows.

CVSS

No CVSS.

References

Link	Resource
https://github.com/community-scripts/ProxmoxVE/discussions/6115
https://github.com/prettier/eslint-config-prettier/issues/339
https://news.ycombinator.com/item?id=44608811
https://news.ycombinator.com/item?id=44609732
https://socket.dev/blog/npm-phishing-campaign-leads-to-prettier-tooling-packages-compromise
https://www.bleepingcomputer.com/news/security/popular-npm-linter-packages-hijacked-via-phishing-to-drop-malware/
https://www.bleepingcomputer.com/news/security/popular-npm-linter-packages-hijacked-via-phishing-to-drop-malware/
https://www.endorlabs.com/learn/cve-2025-54313-eslint-config-prettier-compromise----high-severity-but-windows-only
https://www.npmjs.com/package/eslint-config-prettier?activeTab=versions
https://www.stepsecurity.io/blog/supply-chain-security-alert-eslint-config-prettier-package-shows-signs-of-compromise

Configurations

No configuration.

History

21 Jul 2025, 16:15

Type	Values Removed	Values Added
CWE	~~CWE-506~~
References		() https://github.com/community-scripts/ProxmoxVE/discussions/6115 - () https://www.endorlabs.com/learn/cve-2025-54313-eslint-config-prettier-compromise----high-severity-but-windows-only -

19 Jul 2025, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-19 17:15

Updated : 2025-07-23 16:15

NVD link : CVE-2025-54313

Mitre link : CVE-2025-54313

JSON object : View

Products Affected

No product.

CWE

No CWE.

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/community-scripts/ProxmoxVE/discussions/6115", "name": "https://github.com/community-scripts/ProxmoxVE/discussions/6115", "tags": [], "refsource": ""}, {"url": "https://github.com/prettier/eslint-config-prettier/issues/339", "name": "https://github.com/prettier/eslint-config-prettier/issues/339", "tags": [], "refsource": ""}, {"url": "https://news.ycombinator.com/item?id=44608811", "name": "https://news.ycombinator.com/item?id=44608811", "tags": [], "refsource": ""}, {"url": "https://news.ycombinator.com/item?id=44609732", "name": "https://news.ycombinator.com/item?id=44609732", "tags": [], "refsource": ""}, {"url": "https://socket.dev/blog/npm-phishing-campaign-leads-to-prettier-tooling-packages-compromise", "name": "https://socket.dev/blog/npm-phishing-campaign-leads-to-prettier-tooling-packages-compromise", "tags": [], "refsource": ""}, {"url": "https://www.bleepingcomputer.com/news/security/popular-npm-linter-packages-hijacked-via-phishing-to-drop-malware/", "name": "https://www.bleepingcomputer.com/news/security/popular-npm-linter-packages-hijacked-via-phishing-to-drop-malware/", "tags": [], "refsource": ""}, {"url": "https://www.bleepingcomputer.com/news/security/popular-npm-linter-packages-hijacked-via-phishing-to-drop-malware/", "name": "https://www.bleepingcomputer.com/news/security/popular-npm-linter-packages-hijacked-via-phishing-to-drop-malware/", "tags": [], "refsource": ""}, {"url": "https://www.endorlabs.com/learn/cve-2025-54313-eslint-config-prettier-compromise----high-severity-but-windows-only", "name": "https://www.endorlabs.com/learn/cve-2025-54313-eslint-config-prettier-compromise----high-severity-but-windows-only", "tags": [], "refsource": ""}, {"url": "https://www.npmjs.com/package/eslint-config-prettier?activeTab=versions", "name": "https://www.npmjs.com/package/eslint-config-prettier?activeTab=versions", "tags": [], "refsource": ""}, {"url": "https://www.stepsecurity.io/blog/supply-chain-security-alert-eslint-config-prettier-package-shows-signs-of-compromise", "name": "https://www.stepsecurity.io/blog/supply-chain-security-alert-eslint-config-prettier-package-shows-signs-of-compromise", "tags": [], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-54313", "ASSIGNER": "cve@mitre.org"}}, "impact": {}, "publishedDate": "2025-07-19T17:15Z", "configurations": {"nodes": [], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-07-23T16:15Z"}