Active KEV: CVE-2026-48027 (added 2026-05-27)

CVE-2026-48027: Malicious Nx Console Extension Pushed to VS Code Marketplace and OpenVSX

A compromised release of the Nx Console IDE extension briefly shipped credential-harvesting code through official extension marketplaces, and CISA has added it to the Known Exploited Vulnerabilities catalog.

What Is It

CVE-2026-48027 is an embedded malicious code vulnerability (CWE-506) in Nx Console, the official IDE extension for the Nx and Lerna monorepo build tools. On 19 May 2026 a malicious build, version 18.95.0, was published to the Visual Studio Marketplace at 12:30 UTC and removed at 12:48 UTC, an exposure window of roughly 18 minutes. The same compromised build was available on OpenVSX from 12:33 UTC to 13:09 UTC, about 36 minutes. Once installed, the poisoned extension fetched an obfuscated second-stage payload that harvested credentials from multiple sources on disk and in memory. NVD scores the issue 9.8 Critical (CVSS 3.1) and 9.3 Critical (CVSS 4.0): network attack vector, no privileges required, and no user interaction beyond installing or auto-updating the extension.

Why It Matters

Nx Console is widely installed on developer workstations in organizations that use Nx or Lerna monorepos, which are exactly the high-value endpoints holding cloud credentials, signing keys, source code, and CI tokens. Because the malicious build was distributed through the trusted marketplaces rather than a third-party download, any IDE with automatic extension updates enabled during the exposure window could have pulled it silently. CISA added the CVE to KEV on 2026-05-27, confirming exploitation in the wild. The KEV entry lists known ransomware campaign use as Unknown.

What's Vulnerable

The malicious build is Nx Console 18.95.0, published on 19 May 2026 to the Visual Studio Marketplace and OpenVSX during the windows above. Version 18.100.0 is confirmed not compromised. Any workstation that installed or auto-updated to 18.95.0 while it was live should be treated as exposed, even if it has since moved to a later version.

Patch Status

The Nx team has confirmed that Nx Console 18.100.0 is clean; users should upgrade immediately. CISA's required action follows the standard KEV template: apply vendor mitigations, follow BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Federal civilian agencies must remediate by 2026-06-10. Because the payload targeted credentials rather than the build itself, upgrading is not sufficient on its own: any host that ran 18.95.0 should be treated as potentially compromised. Rotate developer, cloud, and CI secrets reachable from those workstations, review the vendor's IoC list, and record which hosts fell inside the exposure windows.
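The triage step above, identifying which workstations have the 18.95.0 build, is easy to get wrong by grepping for the version string alone, since unrelated extensions can share it. The following is an added example written for this page, not vendor or CISA tooling. It assumes the extension's marketplace identifier is nrwl.angular-console (Nx Console kept its original publisher and name; verify against your marketplace), that VS Code stores installed extensions under ~/.vscode/extensions/<id>-<version>/package.json with publisher, name and version fields, and that `code --list-extensions --show-versions` prints one `publisher.name@version` line per extension. The fixture in `demo()` is constructed for illustration.

```python
"""Flag hosts where the compromised Nx Console 18.95.0 build is installed.

Added example for this brief, not the project's own code. Assumptions are
marked inline; the extension ID in particular is not stated on the advisory page.
"""
import json
import subprocess
import tempfile
from pathlib import Path

# The advisory names 18.95.0 as the only malicious build.
COMPROMISED = {"18.95.0"}
# ASSUMPTION: marketplace identifier (publisher, name) of Nx Console.
EXT_ID = ("nrwl", "angular-console")


def parse_listing(lines):
    """Parse `code --list-extensions --show-versions` output into (id, version) pairs."""
    found = []
    for raw in lines:
        line = raw.strip()
        if not line or "@" not in line:
            continue
        ext, _, version = line.rpartition("@")
        found.append((ext.lower(), version))
    return found


def flag_listing(lines):
    """Return the compromised versions of the target extension reported by the CLI."""
    target = f"{EXT_ID[0]}.{EXT_ID[1]}"
    return sorted(v for ext, v in parse_listing(lines) if ext == target and v in COMPROMISED)


def scan_extensions_dir(root):
    """Walk an extensions directory and return paths of compromised builds still on disk.

    Matching on publisher+name from package.json (not the folder name or the bare
    version string) avoids false positives from unrelated extensions at 18.95.0.
    Absence is not proof of innocence: a host that auto-updated past 18.95.0 may have
    already cleaned the folder, so the exposure window still decides exposure.
    """
    hits = []
    root = Path(root)
    if not root.is_dir():
        return hits
    for entry in root.iterdir():
        manifest = entry / "package.json"
        if not manifest.is_file():
            continue
        try:
            meta = json.loads(manifest.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            continue
        ident = (str(meta.get("publisher", "")).lower(), str(meta.get("name", "")).lower())
        if ident == EXT_ID and meta.get("version") in COMPROMISED:
            hits.append(str(entry))
    return sorted(hits)


def scan_live_host():
    """Run both checks on the current machine (directory scan plus `code` CLI if present)."""
    hits = scan_extensions_dir(Path.home() / ".vscode" / "extensions")
    try:
        out = subprocess.run(["code", "--list-extensions", "--show-versions"],
                             capture_output=True, text=True, timeout=60, check=False)
        hits += [f"code CLI reports {v}" for v in flag_listing(out.stdout.splitlines())]
    except (FileNotFoundError, subprocess.TimeoutExpired):
        pass  # CLI not on PATH or hung; the directory scan result still stands
    return hits


def demo():
    """Constructed fixture: a clean install, a leftover compromised build, and a decoy."""
    with tempfile.TemporaryDirectory() as tmp:
        for version in ("18.95.0", "18.100.0"):
            d = Path(tmp) / f"nrwl.angular-console-{version}"
            d.mkdir()
            (d / "package.json").write_text(json.dumps(
                {"publisher": "nrwl", "name": "angular-console", "version": version}))
        # Unrelated extension sharing the version string must not be flagged.
        decoy = Path(tmp) / "example.other-18.95.0"
        decoy.mkdir()
        (decoy / "package.json").write_text(json.dumps(
            {"publisher": "example", "name": "other", "version": "18.95.0"}))
        return [Path(h).name for h in scan_extensions_dir(tmp)]


if __name__ == "__main__":
    print("fixture hits:", demo())
    for hit in scan_live_host():
        print("COMPROMISED BUILD PRESENT:", hit)
```

Run it on each developer workstation from a fleet-management job and collect the hit list; a non-empty result means the host goes onto the secret-rotation list regardless of the version currently installed.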

Sources