Axios Vulnerability Enables Attackers to Crash Node.js Applications via Data Handle Abuse
Posted: Sun Sep 14, 2025 4:18 pm
A critical security vulnerability has been discovered in the popular Axios HTTP client library that allows attackers to crash Node.js applications through malicious data URL handling.
The flaw, tracked as CVE-2025-58754, affects all versions of Axios before 1.11.0 and has been assigned a CVSS 3.1 score of 7.5, indicating high severity.
Vulnerability Mechanics
https://gbhackers.com/axios-vulnerability/
The flaw, tracked as CVE-2025-58754, affects all versions of Axios before 1.11.0 and has been assigned a CVSS 3.1 score of 7.5, indicating high severity.
Vulnerability Mechanics
https://gbhackers.com/axios-vulnerability/