CVE-2025-54313

high-risk
Published 2025-07-19

eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows.

Do I need to act?

!
10.5% chance of exploitation in next 30 days
EPSS score — higher than 90% of all CVEs
!
CISA KEV: actively exploited in the wild
On the Known Exploited Vulnerabilities catalog — federal agencies must patch
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
NETWORK / HIGH complexity

Affected Products (12)

Homarr

Affected Vendors

Prettier Un-Ts Alexghr Homarr

References (11)

Issue Tracking https://github.com/prettier/eslint-config-prettier/issues/339
Issue Tracking https://news.ycombinator.com/item?id=44608811
Issue Tracking https://news.ycombinator.com/item?id=44609732
Third Party Advisory https://socket.dev/blog/npm-phishing-campaign-leads-to-prettier-tooling-packages...
Exploit https://www.bleepingcomputer.com/news/security/popular-npm-linter-packages-hijac...
Product https://www.npmjs.com/package/eslint-config-prettier?activeTab=versions
Exploit https://www.stepsecurity.io/blog/supply-chain-security-alert-eslint-config-prett...
Third Party Advisory https://github.com/community-scripts/ProxmoxVE/discussions/6115
Third Party Advisory https://www.endorlabs.com/learn/cve-2025-54313-eslint-config-prettier-compromise...
Exploit https://www.bleepingcomputer.com/news/security/popular-npm-linter-packages-hijac...
US Government Resource https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-...
57
/ 100
high-risk
Severity 22/34 · High
Exploitability 18/34 · Moderate
Exposure 17/34 · Moderate