{
  "affected": [
    {
      "database_specific": {
        "unresolved_ranges": [
          {
            "events": [
              {
                "introduced": "0"
              },
              {
                "last_affected": "8.10.1"
              }
            ]
          },
          {
            "events": [
              {
                "introduced": "0"
              },
              {
                "last_affected": "9.1.1"
              }
            ]
          },
          {
            "events": [
              {
                "introduced": "0"
              },
              {
                "last_affected": "10.1.6"
              }
            ]
          },
          {
            "events": [
              {
                "introduced": "0"
              },
              {
                "last_affected": "10.1.7"
              }
            ]
          },
          {
            "events": [
              {
                "introduced": "0"
              },
              {
                "last_affected": "4.2.2"
              }
            ]
          },
          {
            "events": [
              {
                "introduced": "0"
              },
              {
                "last_affected": "4.2.3"
              }
            ]
          },
          {
            "events": [
              {
                "introduced": "0"
              },
              {
                "last_affected": "0.11.9"
              }
            ]
          }
        ]
      },
      "ranges": [
        {
          "database_specific": {
            "versions": [
              {
                "introduced": "0"
              },
              {
                "last_affected": "5.1.1"
              },
              {
                "introduced": "0"
              },
              {
                "last_affected": "5.1.2"
              }
            ]
          },
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "91d71081b3185a6bf9c6765512947789de0f2f2a"
            },
            {
              "introduced": "0"
            },
            {
              "last_affected": "f553ecde7c2dd5e7c48f166e53bb310540b42aaa"
            }
          ],
          "repo": "https://github.com/alexghr/got-fetch",
          "type": "GIT"
        },
        {
          "database_specific": {
            "versions": [
              {
                "introduced": "1.29.0"
              },
              {
                "fixed": "1.30.0"
              }
            ]
          },
          "events": [
            {
              "introduced": "c2305d4e276e3627c18c3aaa4cbcfbb1d6388570"
            },
            {
              "fixed": "fd62524db309429db1f233b1d0feb8e6ab4efd2d"
            }
          ],
          "repo": "https://github.com/homarr-labs/homarr",
          "type": "GIT"
        },
        {
          "database_specific": {
            "versions": [
              {
                "introduced": "0"
              },
              {
                "last_affected": "0.2.8"
              }
            ]
          },
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "d114886817220e2fe6c5737460edac13527096a5"
            }
          ],
          "repo": "https://github.com/un-ts/pkgr",
          "type": "GIT"
        },
        {
          "database_specific": {
            "versions": [
              {
                "introduced": "0"
              },
              {
                "last_affected": "0.3.1"
              }
            ]
          },
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "ebfb59dbf42f665d51e771e46dd1272b178c8295"
            }
          ],
          "repo": "https://github.com/un-ts/synckit",
          "type": "GIT"
        }
      ]
    }
  ],
  "details": "eslint-config-prettier versions 8.10.1, 9.1.1, 10.1.6, and 10.1.7 contain embedded malicious code as part of a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows.",
  "id": "CVE-2025-54313",
  "modified": "2026-04-01T23:09:11.618380163Z",
  "published": "2025-07-19T17:15:23.733Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54313"
    },
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/package/eslint-config-prettier?activeTab=versions"
    },
    {
      "type": "ADVISORY",
      "url": "https://socket.dev/blog/npm-phishing-campaign-leads-to-prettier-tooling-packages-compromise"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/community-scripts/ProxmoxVE/discussions/6115"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.endorlabs.com/learn/cve-2025-54313-eslint-config-prettier-compromise----high-severity-but-windows-only"
    },
    {
      "type": "REPORT",
      "url": "https://news.ycombinator.com/item?id=44609732"
    },
    {
      "type": "REPORT",
      "url": "https://news.ycombinator.com/item?id=44608811"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/prettier/eslint-config-prettier/issues/339"
    },
    {
      "type": "EVIDENCE",
      "url": "https://www.stepsecurity.io/blog/supply-chain-security-alert-eslint-config-prettier-package-shows-signs-of-compromise"
    },
    {
      "type": "EVIDENCE",
      "url": "https://www.bleepingcomputer.com/news/security/popular-npm-linter-packages-hijacked-via-phishing-to-drop-malware/"
    }
  ],
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}