Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-39865

Axios is a promise based HTTP client for the browser and Node.js. Starting in version 1.13.0 and prior to 1.13.2, Axios HTTP/2 session cleanup logic contains a state corruption bug that allows a malicious server to crash the client process through concurrent session closures. The vulnerability exists in the Http2Sessions.getSession() method in lib/adapters/http.js. The session cleanup logic contains a control flow error when removing sessions from the sessions array. This vulnerability is fixed in 1.13.2.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 3.5%
CVSS Severity
CVSS v3 Score 5.9
Products affected by CVE-2026-39865
  • Axios » Axios » Version: 1.0.0
    cpe:2.3:a:axios:axios:1.0.0
  • Axios » Axios » Version: 1.1.0
    cpe:2.3:a:axios:axios:1.1.0
  • Axios » Axios » Version: 1.1.1
    cpe:2.3:a:axios:axios:1.1.1
  • Axios » Axios » Version: 1.1.2
    cpe:2.3:a:axios:axios:1.1.2
  • Axios » Axios » Version: 1.1.3
    cpe:2.3:a:axios:axios:1.1.3
  • Axios » Axios » Version: 1.10.0
    cpe:2.3:a:axios:axios:1.10.0
  • Axios » Axios » Version: 1.11.0
    cpe:2.3:a:axios:axios:1.11.0
  • Axios » Axios » Version: 1.12.0
    cpe:2.3:a:axios:axios:1.12.0
  • Axios » Axios » Version: 1.12.1
    cpe:2.3:a:axios:axios:1.12.1
  • Axios » Axios » Version: 1.12.2
    cpe:2.3:a:axios:axios:1.12.2
  • Axios » Axios » Version: 1.13.0
    cpe:2.3:a:axios:axios:1.13.0
  • Axios » Axios » Version: 1.13.1
    cpe:2.3:a:axios:axios:1.13.1
  • Axios » Axios » Version: 1.2.0
    cpe:2.3:a:axios:axios:1.2.0
  • Axios » Axios » Version: 1.2.1
    cpe:2.3:a:axios:axios:1.2.1
  • Axios » Axios » Version: 1.2.2
    cpe:2.3:a:axios:axios:1.2.2
  • Axios » Axios » Version: 1.2.3
    cpe:2.3:a:axios:axios:1.2.3
  • Axios » Axios » Version: 1.2.4
    cpe:2.3:a:axios:axios:1.2.4
  • Axios » Axios » Version: 1.2.5
    cpe:2.3:a:axios:axios:1.2.5
  • Axios » Axios » Version: 1.2.6
    cpe:2.3:a:axios:axios:1.2.6
  • Axios » Axios » Version: 1.3.0
    cpe:2.3:a:axios:axios:1.3.0
  • Axios » Axios » Version: 1.3.1
    cpe:2.3:a:axios:axios:1.3.1
  • Axios » Axios » Version: 1.3.2
    cpe:2.3:a:axios:axios:1.3.2
  • Axios » Axios » Version: 1.3.3
    cpe:2.3:a:axios:axios:1.3.3
  • Axios » Axios » Version: 1.3.4
    cpe:2.3:a:axios:axios:1.3.4
  • Axios » Axios » Version: 1.3.5
    cpe:2.3:a:axios:axios:1.3.5
  • Axios » Axios » Version: 1.3.6
    cpe:2.3:a:axios:axios:1.3.6
  • Axios » Axios » Version: 1.4.0
    cpe:2.3:a:axios:axios:1.4.0
  • Axios » Axios » Version: 1.5.0
    cpe:2.3:a:axios:axios:1.5.0
  • Axios » Axios » Version: 1.5.1
    cpe:2.3:a:axios:axios:1.5.1
  • Axios » Axios » Version: 1.6.0
    cpe:2.3:a:axios:axios:1.6.0
  • Axios » Axios » Version: 1.6.1
    cpe:2.3:a:axios:axios:1.6.1
  • Axios » Axios » Version: 1.6.2
    cpe:2.3:a:axios:axios:1.6.2
  • Axios » Axios » Version: 1.6.3
    cpe:2.3:a:axios:axios:1.6.3
  • Axios » Axios » Version: 1.6.4
    cpe:2.3:a:axios:axios:1.6.4
  • Axios » Axios » Version: 1.6.5
    cpe:2.3:a:axios:axios:1.6.5
  • Axios » Axios » Version: 1.6.6
    cpe:2.3:a:axios:axios:1.6.6
  • Axios » Axios » Version: 1.6.7
    cpe:2.3:a:axios:axios:1.6.7
  • Axios » Axios » Version: 1.6.8
    cpe:2.3:a:axios:axios:1.6.8
  • Axios » Axios » Version: 1.7.0
    cpe:2.3:a:axios:axios:1.7.0
  • Axios » Axios » Version: 1.7.1
    cpe:2.3:a:axios:axios:1.7.1
  • Axios » Axios » Version: 1.7.2
    cpe:2.3:a:axios:axios:1.7.2
  • Axios » Axios » Version: 1.7.3
    cpe:2.3:a:axios:axios:1.7.3
  • Axios » Axios » Version: 1.7.4
    cpe:2.3:a:axios:axios:1.7.4
  • Axios » Axios » Version: 1.7.5
    cpe:2.3:a:axios:axios:1.7.5
  • Axios » Axios » Version: 1.7.6
    cpe:2.3:a:axios:axios:1.7.6
  • Axios » Axios » Version: 1.7.7
    cpe:2.3:a:axios:axios:1.7.7
  • Axios » Axios » Version: 1.7.8
    cpe:2.3:a:axios:axios:1.7.8
  • Axios » Axios » Version: 1.7.9
    cpe:2.3:a:axios:axios:1.7.9
  • Axios » Axios » Version: 1.8.0
    cpe:2.3:a:axios:axios:1.8.0
  • Axios » Axios » Version: 1.8.1
    cpe:2.3:a:axios:axios:1.8.1
  • Axios » Axios » Version: 1.8.2
    cpe:2.3:a:axios:axios:1.8.2
  • Axios » Axios » Version: 1.8.3
    cpe:2.3:a:axios:axios:1.8.3
  • Axios » Axios » Version: 1.8.4
    cpe:2.3:a:axios:axios:1.8.4
  • Axios » Axios » Version: 1.9.0
    cpe:2.3:a:axios:axios:1.9.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved