Axios patches header injection gadget enabling IMDSv2 cloud credential theft
TL;DR — A Critical Axios “gadget chain” can let attackers smuggle injected HTTP headers and pivot SSRF into AWS IMDSv2 token/credential theft, risking full cloud compromise in affected services.
What happened
axios is a widely used HTTP client library for JavaScript (Node.js and browsers). CVE-2026-40175 describes a Critical issue where Axios can be used as a gadget to escalate prototype pollution elsewhere in the dependency tree into higher-impact outcomes, including remote code execution (RCE) or full cloud compromise via an AWS IMDSv2 bypass.
The CVE record ties this to a header-processing chain (CRLF/header injection leading into request smuggling/SSRF behaviors). It is scored CVSS v3.1 10.0 (Critical).
| Item | Source value |
|---|---|
| Affected software | axios (npm) |
| Impact | Escalation chain to RCE or cloud compromise (AWS IMDSv2 bypass) |
| Severity | CVSS v3.1 10.0 (Critical) |
| Affected versions (CVE record) | axios < 1.15.0 |
| Fixed version (CVE record) | 1.15.0 |
Why it matters: this is an example of a modern, high-leverage dependency-chain failure mode — an app may “only” have a prototype pollution primitive in one library, but a ubiquitous HTTP client can turn that into cross-boundary request injection and cloud credential exposure.
Who is impacted
- Any project that depends on axios in the CVE record’s affected range (< 1.15.0).
- Higher-risk server-side deployments where application outbound HTTP can reach sensitive internal endpoints (e.g., cloud metadata services).
- Stacks where any other dependency can provide a prototype pollution primitive (the CVE record explicitly frames Axios as an escalation gadget when pollution occurs elsewhere).
What to do now
- Follow vendor remediation guidance and apply a release containing the fix (the CVE record states the vulnerability is fixed in 1.15.0).
- Identify production services that import axios (directly or transitively) and confirm the deployed version from lockfiles, bundled artifacts, and container images.
- Treat this as a cloud-credential exposure risk for server-side workloads: review whether affected services can reach instance metadata endpoints and rotate any credentials that would be exposed if metadata could be queried from that runtime.
- If you suspect exploitation, review outbound HTTP telemetry for anomalous requests originating from application runtimes that should not be interacting with metadata or other internal control-plane endpoints.
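As an added example (not code from the advisory or the axios project), the script below audits an npm lockfile for every direct or transitive copy of axios and flags versions below the 1.15.0 fix named in the CVE record; the lockfile contents and the "some-sdk" package name are constructed for illustration.

```javascript
// Added example, not the advisory's or the axios project's code: audit an npm
// lockfile for axios copies in the affected range (< 1.15.0 per the CVE record),
// covering lockfileVersion 1 (nested "dependencies") and 2/3 (flat "packages").
const FIXED = [1, 15, 0]; // first fixed release named by the CVE record
// [major, minor, patch], or null for non-semver versions (e.g. git URLs) so
// those entries surface for manual review instead of being silently skipped.
function parseSemver(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(String(v));
  return m ? m.slice(1, 4).map(Number) : null;
}
// true = affected range, false = fixed or newer, null = could not parse
function isAffected(version) {
  const p = parseSemver(version);
  if (!p) return null;
  for (let i = 0; i < 3; i++) if (p[i] !== FIXED[i]) return p[i] < FIXED[i];
  return false; // exactly 1.15.0 is the fixed release
}
// Every axios copy (direct or transitive) with the path it is installed at.
function findAxios(lock) {
  const hits = [];
  if (lock.packages) { // v2/v3: keys are install paths
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (path === 'node_modules/axios' || path.endsWith('/node_modules/axios')) {
        hits.push({ path, version: meta.version });
      }
    }
  } else if (lock.dependencies) { // v1: nested tree, rebuild paths while walking
    const walk = (deps, prefix) => {
      for (const [name, meta] of Object.entries(deps)) {
        const path = `${prefix}node_modules/${name}`;
        if (name === 'axios') hits.push({ path, version: meta.version });
        if (meta.dependencies) walk(meta.dependencies, `${path}/`);
      }
    };
    walk(lock.dependencies, '');
  }
  return hits;
}
function auditLockfile(lock) {
  return findAxios(lock).map((h) => ({ ...h, affected: isAffected(h.version) }));
}

// Constructed v3-shaped sample: a patched direct copy plus a vulnerable
// transitive copy nested under a hypothetical "some-sdk" package.
const SAMPLE_LOCK = { lockfileVersion: 3, packages: {
  '': { name: 'app', version: '1.0.0' },
  'node_modules/axios': { version: '1.15.0' },
  'node_modules/some-sdk/node_modules/axios': { version: '1.7.9' },
} };
console.table(auditLockfile(SAMPLE_LOCK));
```

Run it against a real package-lock.json with `JSON.parse(fs.readFileSync(path))` in place of SAMPLE_LOCK; a null in the affected column marks a version string that needs manual review.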
Content is AI-assisted and reviewed by our team, but issues may be missed and best practices evolve rapidly; send corrections to [email protected]. Always consult official documentation and validate key implementation decisions before making design or security choices.
