CVE-2026-44494 | Axios up to 1.15.x lib/adapters/http.js setProxy confused deputy

June 11, 2026 Yanac

A vulnerability, which was classified as problematic, was found in Axios up to 1.15.x. This affects the function setProxy in the library lib/adapters/http.js. Such manipulation leads to unintended intermediary.

This vulnerability is referenced as CVE-2026-44494. It is possible to launch the attack remotely. No exploit is available.

You should upgrade the affected component.VulDB Recent EntriesRead More