Skip to main content
CVE Vulnerability Database
Vulnerability Database/CVE-2025-59037

CVE-2025-59037: DuckDB npm Package Compromise Vulnerability

CVE-2025-59037 involved a supply chain attack on DuckDB's npm packages, where malicious code was injected to interfere with cryptocurrency transactions. This article covers the technical details, affected versions, and mitigation.

Updated:

CVE-2025-59037 Overview

CVE-2025-59037 affects the DuckDB distribution for Node.js published on the npm registry. On 8 September 2025, attackers compromised the DuckDB maintainer account and published malicious versions of four DuckDB packages. The malicious code targeted cryptocurrency transactions on systems running the affected releases. DuckDB deprecated the malicious versions, coordinated with npm support to remove them, and released clean replacements with higher version numbers. The incident is classified under CWE-506: Embedded Malicious Code.

Critical Impact

Malicious code embedded in four DuckDB npm packages interfered with cryptocurrency transactions, exposing users who installed @duckdb/node-api@1.3.3, @duckdb/node-bindings@1.3.3, duckdb@1.3.3, or @duckdb/duckdb-wasm@1.29.2 to financial loss.

Affected Products

  • @duckdb/node-api version 1.3.3
  • @duckdb/node-bindings version 1.3.3
  • duckdb version 1.3.3 and @duckdb/duckdb-wasm version 1.29.2

Discovery Timeline

  • 2025-09-08 - Compromised packages published to npm by an attacker controlling DuckDB maintainer credentials
  • 2025-09-09 - CVE-2025-59037 published to the National Vulnerability Database
  • 2026-04-15 - Last updated in NVD database

Technical Details for CVE-2025-59037

Vulnerability Analysis

CVE-2025-59037 is a supply chain compromise rather than a code defect in DuckDB itself. An attacker gained the ability to publish to the DuckDB npm namespace and released versions containing embedded malicious code. The malicious payload was designed to interfere with cryptocurrency transactions performed on hosts where the package was installed and executed. The same campaign affected several other popular npm packages, including debug and chalk, as documented in the Aikido analysis of the npm compromise.

According to npm download statistics referenced in the DuckDB security advisory, no downloads of the affected versions occurred before deprecation. Despite the low download count, any automated build pipeline that pinned to ^1.3.2 or similar floating ranges could have pulled the compromised release.

Root Cause

The root cause is an upstream account or token compromise on the npm registry that allowed an unauthorized party to publish under the DuckDB maintainer identity. The published artifacts contained code unrelated to DuckDB functionality, classifying the issue under CWE-506 (Embedded Malicious Code).

Attack Vector

The attack vector is network-based and requires user action to install or update the affected npm package. Once installed, the malicious code executes within the Node.js process and hooks into cryptocurrency wallet activity on the host. Refer to the DuckDB v1.3.4 release notes for the clean rebuild and the published advisory for additional context.

Detection Methods for CVE-2025-59037

Indicators of Compromise

  • Presence of @duckdb/node-api@1.3.3, @duckdb/node-bindings@1.3.3, duckdb@1.3.3, or @duckdb/duckdb-wasm@1.29.2 in package-lock.json, yarn.lock, or pnpm-lock.yaml
  • Outbound network connections from Node.js processes to wallet address replacement infrastructure described in the Aikido analysis
  • Modified clipboard contents during cryptocurrency transactions on systems running affected builds

Detection Strategies

  • Run npm ls duckdb @duckdb/node-api @duckdb/node-bindings @duckdb/duckdb-wasm recursively across all repositories and build agents to enumerate installed versions
  • Audit CI/CD artifact caches and container images built between 8 and 9 September 2025 for the compromised tarballs
  • Compare installed package hashes against the integrity values published in the GitHub advisory

Monitoring Recommendations

  • Enable npm audit signals and dependency scanning in source control to flag installations of deprecated versions
  • Monitor Node.js processes for unexpected file system access to browser profiles or wallet directories
  • Log and alert on outbound DNS or HTTP requests from build servers to domains referenced in the Aikido write-up

How to Mitigate CVE-2025-59037

Immediate Actions Required

  • Upgrade to duckdb@1.3.4, @duckdb/node-api@1.3.4, @duckdb/node-bindings@1.3.4, or @duckdb/duckdb-wasm@1.30.0 or higher
  • Purge local and CI npm caches, then reinstall dependencies from clean lockfiles
  • Rotate any credentials, API tokens, or wallet keys handled on systems that executed the compromised versions

Patch Information

DuckDB released fixed packages with version numbers higher than the compromised builds. Upgrade to 1.3.4 for duckdb, @duckdb/node-api, and @duckdb/node-bindings, and to 1.30.0 for @duckdb/duckdb-wasm. Details are available in the DuckDB Node.js v1.3.4 release.

Workarounds

  • Downgrade to duckdb@1.3.2 or @duckdb/duckdb-wasm@1.29.1 if upgrading is not immediately possible
  • Pin exact versions in lockfiles and disable automatic minor or patch updates for the DuckDB packages
  • Use npm install --ignore-scripts in CI to reduce the impact of malicious lifecycle scripts pending verification
bash
# Configuration example
npm uninstall duckdb @duckdb/node-api @duckdb/node-bindings @duckdb/duckdb-wasm
npm cache clean --force
npm install duckdb@1.3.4 @duckdb/node-api@1.3.4 @duckdb/node-bindings@1.3.4 @duckdb/duckdb-wasm@1.30.0
npm ls duckdb @duckdb/node-api @duckdb/node-bindings @duckdb/duckdb-wasm

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the Most Advanced Cybersecurity Platform

See how the world’s most intelligent, autonomous cybersecurity platform can protect your organization today and into the future.