Description
Axios is a promise based HTTP client for the browser and Node.js. From 1.15.2 to before 1.16.0, nested objects created by utils.merge() (e.g., config.proxy) are still constructed as plain {} with Object.prototype in their chain. The setProxy() function at lib/adapters/http.js:209-223 reads proxy.username, proxy.password, and proxy.auth without hasOwnProperty checks. When Object.prototype.username is polluted, setProxy() constructs a Proxy-Authorization header with attacker-controlled credentials and injects it into every proxied HTTP request. This vulnerability is fixed in 1.16.0.
Published: 2026-06-11
Score: 3.7 Low
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The issue arises from prototype pollution in the Axios HTTP client. In versions 1.15.2 through 1.15.x, the utils.merge() function creates nested configuration objects (such as config.proxy) that still inherit from Object.prototype. The setProxy() routine (lib/adapters/http.js) then reads proxy.username, proxy.password and proxy.auth without checking hasOwnProperty. If an attacker has injected a property such as username onto Object.prototype, the routine builds a Proxy-Authorization header from that polluted value and attaches it to every proxied request. Those requests therefore carry attacker-controlled credentials, leading to credential disclosure and potential authentication abuse. The flaw does not allow arbitrary code execution; it is a header-injection and unsanitised-input weakness (CWE-113, CWE-1321, CWE-346).

Affected Systems

Versions 1.15.2 up to, but not including, 1.16.0 of the Axios HTTP client, for both browser and Node.js, are affected. The flaw lies in the utils.merge() and setProxy() logic of lib/adapters/http.js. Upgrading to 1.16.0 or later removes the vulnerability.

Risk and Exploitability

The flaw carries a CVSS score of 3.7 (Low). No EPSS data is available, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires an attacker who can already execute JavaScript in the same runtime as the Axios instance, for example through a cross-site scripting or remote code execution vulnerability in the application. Once the prototype is polluted, every proxied request sent through Axios silently carries attacker-controlled credentials, which could be used to authenticate to third-party services or to implicate legitimate user accounts.

Generated by OpenCVE AI on June 12, 2026 at 01:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Axios to version 1.16.0 or later, which contains the prototype pollution fix.
  • If an immediate upgrade is not possible, sanitize the proxy configuration by removing any potentially injected properties from Object.prototype before constructing the Axios request (e.g., delete Object.prototype.username; delete Object.prototype.password; delete Object.prototype.auth).
  • Limit exposure of proxy configuration values to trusted code only and validate all proxy properties so that setProxy() receives only own properties rather than inherited ones.
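As an added example (not Axios's own code), the two layers the actions above point at: a merge that gives nested config objects a null prototype, and a Proxy-Authorization builder that reads only own properties, shown beside the inherited-property pattern the advisory describes. mergeConfig, naiveProxyAuth, safeProxyAuth and withPollutedPrototype are assumed names.

```javascript
// Added example, not Axios's own code. Function names are assumptions.
const hasOwn = (o, k) => Object.prototype.hasOwnProperty.call(o, k);
const isObj = (v) => v !== null && typeof v === 'object' && !Array.isArray(v);
// Deep-merge config objects. Every object in the result, nested ones
// included, is created with Object.create(null), so Object.prototype is
// never in its chain; only own keys are copied and '__proto__' is skipped.
function mergeConfig(...sources) {
  const out = Object.create(null);
  for (const src of sources) {
    if (!isObj(src)) continue;
    for (const key of Object.keys(src)) {
      if (key === '__proto__') continue;
      const val = src[key];
      out[key] = isObj(val) ? mergeConfig(out[key], val) : val;
    }
  }
  return out;
}
const basic = (s) => 'Basic ' + Buffer.from(String(s)).toString('base64');
// The pattern the advisory describes: inherited properties are honoured,
// so a polluted Object.prototype.username becomes a credential.
function naiveProxyAuth(proxy) {
  let auth = proxy.auth;
  if (proxy.username) auth = `${proxy.username}:${proxy.password || ''}`;
  return auth ? basic(auth) : undefined;
}
// Hardened form: only own properties may contribute to the header.
function safeProxyAuth(proxy) {
  if (!isObj(proxy)) return undefined;
  if (hasOwn(proxy, 'username')) {
    return basic(`${proxy.username}:${hasOwn(proxy, 'password') ? proxy.password : ''}`);
  }
  if (hasOwn(proxy, 'auth')) {
    const a = proxy.auth;
    if (typeof a === 'string') return basic(a);
    if (isObj(a) && hasOwn(a, 'username')) {
      return basic(`${a.username}:${hasOwn(a, 'password') ? a.password : ''}`);
    }
  }
  return undefined;
}
// Regression harness: run fn while Object.prototype.username is set, then
// restore the prototype so the simulated pollution cannot escape the test.
function withPollutedPrototype(fn) {
  Object.defineProperty(Object.prototype, 'username',
    { value: 'injected', configurable: true, writable: true });
  try { return fn(); } finally { delete Object.prototype.username; }
}
```

Either layer alone blocks the inherited value; the advisory title notes the 1.15.2 fix applied the null prototype only at the top level, which is why the own-property check in the consumer still matters.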

Generated by OpenCVE AI on June 12, 2026 at 01:20 UTC.

Advisories

Source: Github GHSA
ID: GHSA-654m-c8p4-x5fp
Title: Axios has a Patch Bypass: Proxy-Authorization Header Injection via Prototype Pollution — Incomplete Null-Prototype Fix
History

Fri, 12 Jun 2026 00:15:00 +0000

Type: Weaknesses
  Values added: CWE-346
Type: References (values not shown)
Type: Metrics (threat_severity)
  Values removed: None
  Values added: Low

Thu, 11 Jun 2026 20:00:00 +0000

Type: First Time appeared
  Values added: Axios; Axios axios
Type: Vendors & Products
  Values added: Axios; Axios axios

Thu, 11 Jun 2026 19:30:00 +0000

Type: Metrics (ssvc)
  Values added: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 11 Jun 2026 16:45:00 +0000

Type: Description
  Values added: Axios is a promise based HTTP client for the browser and Node.js. From 1.15.2 to before 1.16.0, nested objects created by utils.merge() (e.g., config.proxy) are still constructed as plain {} with Object.prototype in their chain. The setProxy() function at lib/adapters/http.js:209-223 reads proxy.username, proxy.password, and proxy.auth without hasOwnProperty checks. When Object.prototype.username is polluted, setProxy() constructs a Proxy-Authorization header with attacker-controlled credentials and injects it into every proxied HTTP request. This vulnerability is fixed in 1.16.0.
Type: Title
  Values added: Axios: Proxy-Authorization Header Injection via Prototype Pollution — Incomplete Null-Prototype Fix
Type: Weaknesses
  Values added: CWE-113; CWE-1321
Type: References (values not shown)
Type: Metrics (cvssV3_1)
  Values added: {'score': 3.7, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N'}

MITRE

Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-06-11T18:17:09.112Z
Reserved: 2026-05-06T17:18:51.783Z
Link: CVE-2026-44489

Vulnrichment

Updated: 2026-06-11T18:16:13.652Z

NVD

Status: Awaiting Analysis
Published: 2026-06-11T17:16:32.883
Modified: 2026-06-11T20:56:29.653
Link: CVE-2026-44489

Redhat

Severity: Low
Public Date: 2026-06-11T15:30:44Z
Links: CVE-2026-44489 - Bugzilla

OpenCVE Enrichment

Updated: 2026-06-12T01:30:08Z

Weaknesses
  • CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
  • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
  • CWE-346: Origin Validation Error