PT-2026-44044 · Unknown · Nx Console

Ashish Kurmi

·

Published

2026-05-27

·

Updated

2026-07-05

·

CVE-2026-48027

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Nx Console version 18.95.0
Description A malicious version of Nx Console, which serves as the user interface for Nx and Lerna, was published to the Visual Studio Marketplace and OpenVSX. The compromised version was available for approximately 18 minutes on the Visual Studio Marketplace and approximately 36 minutes on OpenVSX.
Recommendations Upgrade Nx Console to version 18.100.0.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-48027
GHSA-C9J4-9M59-847W

Affected Products

Nx Console