CVE Watchtower


← Back to CVE List

CVE-2026-48027NVD

Vulnerability Summary

Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, 18.95.0, was published at 12:30 PM UTC and removed soon after at 12:48 PM UTC, leaving it available for ~18 minutes in Visual Studio Marketplace. For OpenVSX, the problem was detected later, and the compromised version was available from 12:33 UTC to 13:09 UTC (~36 minutes). Version 18.100.0 of Nx Console is not compromised and users may remediate by upgrading to that version.
Severity Level
UNKNOWN
Published Date
May 27, 2026
Last Modified
May 28, 2026
Exploitation Status
ACTIVE
EPSS Score (30-Day)
1.85%Probability
Root Weakness (CWE)
N/A