NVD CRITICAL: CVE-2026-48027 — Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious ver...

Wednesday, May 27, 2026 at 05:16 PM UTC·Source: NIST NVD

Updated: Saturday, May 30, 2026 at 12:00 AM UTC

Executive Summary

Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, 18.95.0, was published at 12:30 PM UTC and removed soon after at 12:48 PM UTC, leaving it available for ~18 minutes in Visual Studio Marketplace. For OpenVSX, the problem was detected later, and the compromised version was available from 12:33 UTC to 13:09 UTC (~36 minutes). Version 18.100.0 of Nx C

Analysis

Indicators of Compromise (1)

CVE (1)

CVE-2026-48027

NVD MITRE CVE

Source Attribution

Originally published by NIST NVD on May 27, 2026. Verified by: NIST.

Related Threats

CRITICALVulnerabilityNEW

Vulnerability Disclosure in the Age of AI

New article: “ Responsible Disclosure in the Age of AI: A Call for Urgent Action ,” by Melissa Hathaway. Abstract: Artificial intelligence is fundamentally reshaping the balance between vulnerability discovery and remediation. Frontier AI models are now capable of autonomously identifying exploitable software vulnerabilities at unprecedented speed and scale. This development exposes de

30m agoSchneier on Security

MEDIUMVulnerability

Equals Money and Railsr rebrand as Equals

Equals Money and Railsr rebrands as Equals, the next-generation global money movement platform.

1h agoFinextra

MEDIUMVulnerability

BIS reports back on open finance Project Aperta

Project Aperta, led by the Bank for International Settlements (BIS), has been designing, developing and testing a prototype for cross-border open finance interconnectivity via application programming interfaces (APIs) – a "network of networks" that connects existing domestic networks through a neutral interoperability layer.

1h agoFinextra