On 2026-05-27, CISA added CVE-2026-48027 to its Known Exploited Vulnerabilities catalog, citing an embedded malicious...

On 2026-05-27, CISA added CVE-2026-48027 to its Known Exploited Vulnerabilities catalog, citing an embedded malicious code vulnerability in Nx Console (CISA KEV entry). The vulnerability allowed a malicious version of the extension to be published, which could harvest credentials from disk and memory. The advisory notes known ransomware campaign use and requires mitigation by 2026-06-10. This represents a significant trust and security risk for Nx, potentially driving developers away from the platform and impacting enterprise adoption. While Nx has released patches (nx 22.7.5 and 23.0.0-beta.20/21 on the same day, nx 22.7.5 release and nx 23.0.0-beta.20 release), the incident undermines the product's reliability and could cause churn among security-conscious users.