CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Un-Ts: >> Synckit Security Vulnerabilities

CVE-2025-54313

Known exploited

eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows.

CVSS Score

7.5

EPSS Score

0.044

Published

2025-07-19

Page 1

Vulnerabilities

Vulnerable Software

Un-Ts: >> Synckit Security Vulnerabilities

Products

Pricing

Contact Us