4.4.3
CVE-2025-59144 signifies a severe compromise of the 'debug' package, where malicious code has been injected. This indicates a complete takeover of systems running the affected package. The vulnerability impacts versions of the 'debug' package less than or equal to 4.4.2. Immediate action is required to mitigate the risk, including rotating all secrets and removing the package.
The impact of CVE-2025-59144 is catastrophic. The description explicitly states that any computer with the compromised package installed is considered fully compromised. An attacker has likely gained full control of the system, potentially exfiltrating sensitive data, installing persistent malware, or using the system as a launchpad for further attacks. All secrets and keys stored on the affected system should be considered compromised and rotated immediately from a clean, isolated machine. The blast radius extends to any system connected to or relying on the compromised system.
CVE-2025-59144 is a high-severity issue due to the package compromise. It is listed as a ghsa-malware event, indicating malicious activity. Public proof-of-concept (POC) code is not expected, as the vulnerability involves a compromised package. Active campaigns exploiting this vulnerability are likely, given the severity and potential impact. Published on 2025-09-08.
Organizations and developers using the Node.js debug package in their projects are at risk. This includes those deploying Node.js applications in production environments, as well as development teams relying on the package for debugging purposes. Shared hosting environments where multiple users share the same server are particularly exposed, as a compromise of the package could affect all users on the server.
• nodejs / supply-chain: `npm ls debug` (lists every installed copy of debug, including nested ones, with its version)
• nodejs / supply-chain: `npm audit` (npm audit checks the whole dependency tree against the advisory database; it does not take a package name)
• nodejs / supply-chain: `find /usr/local/lib/node_modules/debug -type f -exec grep -i 'malicious code' {} +`
Exploit status
• EPSS: 0.09% (25th percentile)
The immediate mitigation for CVE-2025-59144 is to remove the compromised 'debug' package from all affected systems. Rolling back to a previous, uncompromised version is not possible as the package has been actively modified. After removal, rotate all secrets and keys stored on the affected system from a clean, isolated machine. Consider implementing enhanced monitoring and intrusion detection systems to identify and prevent future package compromises. Verify removal by scanning the system for remnants of the malicious code and confirming that the package is no longer present.
Upgrade to version 4.4.3 or later. Completely remove the node_modules directory, clear your package manager's global cache, and rebuild any browser bundles from scratch. If you operate private registries or registry mirrors, purge the affected versions from any caches.
CVE-2025-59144 is a HIGH severity vulnerability in which malicious code was injected into the Node.js debug package, potentially granting attackers full control over affected systems.
You are affected if you are using Node.js debug version 4.4.2 or earlier. Check your installed version using `npm ls debug`.
Upgrade to Node.js debug version 4.4.3 or higher. If upgrading is not possible, remove the package and rotate all secrets stored on the affected system.
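One way to automate the version check above, as an added example that is not from the advisory or the debug project: a Python script that reads a package-lock.json, finds every installed copy of debug (top level and nested) and flags those in the affected range (4.4.2 and earlier). The sample lockfile is constructed; the script also handles the older lockfileVersion 1 layout, which the page does not mention.

```python
import json
import re
from typing import Iterator, List, Tuple

# Constructed sample package-lock.json (lockfileVersion 3 layout); not from any real project.
SAMPLE_LOCK = json.dumps({
    "name": "demo-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"dependencies": {"express": "^4.19.0"}},
        "node_modules/debug": {"version": "4.4.2"},
        "node_modules/express/node_modules/debug": {"version": "2.6.9"},
        "node_modules/other/node_modules/debug": {"version": "4.4.3"},
    },
})

LAST_AFFECTED = (4, 4, 2)  # advisory: versions <= 4.4.2 are affected; 4.4.3 is the fix

def parse_version(v: str) -> Tuple[int, ...]:
    """Parse the semver core 'MAJOR.MINOR.PATCH'; pre-release and build tags are ignored."""
    m = re.match(r"^v?(\d+)\.(\d+)\.(\d+)", v)
    if not m:
        raise ValueError(f"unparseable version: {v!r}")
    return tuple(int(x) for x in m.groups())

def is_affected(version: str) -> bool:
    return parse_version(version) <= LAST_AFFECTED

def iter_debug_entries(lock: dict) -> Iterator[Tuple[str, str]]:
    """Yield (install path, version) for every copy of 'debug', including nested ones."""
    if "packages" in lock:  # lockfileVersion 2/3: flat map keyed by install path
        for path, meta in lock["packages"].items():
            if path.split("/")[-1] == "debug" and "version" in meta:
                yield path, meta["version"]
        return
    def walk(deps: dict, prefix: str) -> Iterator[Tuple[str, str]]:  # lockfileVersion 1: nested tree
        for name, meta in deps.items():
            path = f"{prefix}node_modules/{name}"
            if name == "debug" and "version" in meta:
                yield path, meta["version"]
            yield from walk(meta.get("dependencies", {}), path + "/")
    yield from walk(lock.get("dependencies", {}), "")

def find_affected_debug(lock_json: str) -> List[Tuple[str, str]]:
    """Return every 'debug' entry in the lockfile whose version is in the affected range."""
    return [(p, v) for p, v in iter_debug_entries(json.loads(lock_json)) if is_affected(v)]

if __name__ == "__main__":
    for path, version in find_affected_debug(SAMPLE_LOCK):
        print(f"AFFECTED {path} debug@{version}")
```

Run it against a real lockfile by replacing SAMPLE_LOCK with the file's contents; a nested copy pulled in by another dependency is reported just like a direct one.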
While active exploitation is not yet confirmed, the nature of the vulnerability (supply chain compromise) suggests a high probability of exploitation.
Refer to the Node.js security advisories and the ghsa-malware report for details: [https://github.com/advisories/ghsa-malware](https://github.com/advisories/ghsa-malware)