THREAT OPS › CVEs › CVE-2025-54313
CVE-2025-54313 — Prettier eslint-config-prettier Embedded Malicious Code Vulnerability
Prettier eslint-config-prettier contains an embedded malicious code vulnerability. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows.
Vulnerability details
- Affected productseslint-config-prettier
- KEV remediation due2026-02-12