CNNVD-202509-3672 Information

CNNVD ID

CNNVD-202509-3672

Related CVE

CVE-2025-10894

• CNNVD Published: 2025-09-23

Description (Chinese)

Nx是Nx公司的一个应用软件。 Nx存在安全漏洞，该漏洞源于供应链攻击导致恶意代码注入，可能扫描文件系统并收集凭据。

Description (English)

Nx is an application for Nx. Nx has a security loophole, which stems from a supply chain attack leading to the injection of malicious codes, which may scan document systems and collect evidence.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

O-RAN Software Community

Published

2025-09-23

Last Modified

2026-02-24

References

https://access.redhat.com/security/supply-chain-attacks-NPM-packages https://bugzilla.redhat.com/show_bug.cgi?id=2396282 https://github.com/nrwl/nx/security/advisories/GHSA-cxm3-wv7p-598c https://access.redhat.com/security/cve/CVE-2025-10894 https://www.stepsecurity.io/blog/supply-chain-security-alert-popular-nx-build-system-package-compromised-with-data-stealing-malware https://www.wiz.io/blog/s1ngularity-supply-chain-attack https://access.redhat.com/security/cve/cve-2025-10894