27 May 2026
Reference: CVE-2026-48027
1. What is being reported?
A harmful version of Nx Console, a tool that helps manage software projects, was accidentally published and available for a short time in official software marketplaces. This version contained malicious code that could compromise systems. The vendor has released a safe update to fix this issue.
2. What this means in plain English
If your organisation uses Nx Console, there is a risk that the malicious version could have been installed, potentially allowing attackers to access or damage your systems. Even if you do not use this tool directly, if your IT provider or developers use it, your organisation could be at risk.
3. Could this affect a small business?
Small businesses that use Nx Console or have developers who use it could be affected. Organisations not using this software or related tools are unlikely to be impacted.
4. What to do now
- Check if Nx Console is used in your organisation or by your IT provider.
- If used, confirm the version installed is 18.100.0 or later, which is safe.
- If an older version was installed recently, ask your IT provider to investigate and apply necessary fixes.
- If you do not use Nx Console, no action is needed, but remain vigilant for any unusual activity.
5. Ask your IT provider
Can you confirm whether Nx Console is used in our systems, and if so, have you ensured it is updated to the safe version 18.100.0 or later following the recent security alert?
6. Bottom line
Ensure Nx Console is updated to the safe version to protect your organisation from this critical security risk.
Information based on CISA KEV, NVD and reputable security reporting.