THREATOPS
THREAT OPSCVEs › CVE-2025-54313

CVE-2025-54313 — Prettier eslint-config-prettier Embedded Malicious Code Vulnerability

CISA KEVExploited: confirmedPrettier

Prettier eslint-config-prettier contains an embedded malicious code vulnerability. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows.

Vulnerability details