Home / Security updates / Axios: Compromised NPM package (1.14.1 and 0.30.4)
Axios: Compromised NPM package (1.14.1 and 0.30.4)
Security updates detail rendered from /security-updates/upd_1abf314ab8fd22ff.
Overview
| ID | upd_1abf314ab8fd22ff |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | KLDiscovery |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_1abf314ab8fd22ff |
| providerId | safebase |
| organizationId | org_62693e8cfecc1b4d |
| trustCenterId | tc_a7c1c4f8752a1e30 |
| title | Axios: Compromised NPM package (1.14.1 and 0.30.4) |
| message | Our organization has completed a review of the recently disclosed vulnerabilities affecting specific versions of the Axios (v1.14.1 and v0.30.4) and plain‑crypto‑js (v4.2.1) npm packages. Based on our investigation, we confirm that none of the vulnerable versions have been downloaded, installed, or used in any development, build, or production environment. Although Axios is utilized within certain internal workflows, it is not present in any affected or vulnerable version, and these systems do not process or store customer data. |
| url | - |
| publishedAt | 2026-04-01 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "vulnerabilities"
} |
| company | {
"id": "org_62693e8cfecc1b4d",
"name": "KLDiscovery",
"domains": [
"trust.kldiscovery.com",
"kldiscovery.com"
]
} |
| trust_center | {
"id": "tc_a7c1c4f8752a1e30",
"name": "KLDiscovery",
"url": "https://trust.kldiscovery.com",
"host": "trust.kldiscovery.com"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_1abf314ab8fd22ff",
"company": "/v1/companies/org_62693e8cfecc1b4d",
"trust_center": "/v1/trust-centers/tc_a7c1c4f8752a1e30",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_1abf314ab8fd22ffJSON