CVE-2025-59037 Overview
CVE-2025-59037 is a supply chain compromise affecting the DuckDB distribution for Node.js published on npm. On 08 September 2025, an attacker published malicious versions of four DuckDB packages containing code designed to interfere with cryptocurrency transactions. The compromise is classified under CWE-506 (Embedded Malicious Code) and affects the @duckdb/node-api, @duckdb/node-bindings, duckdb, and @duckdb/duckdb-wasm packages. DuckDB maintainers deprecated the affected versions, engaged npm support to remove them, and republished clean releases under higher version numbers.
Critical Impact
Malicious code injected into legitimate DuckDB npm packages targeted cryptocurrency transactions on systems that installed the compromised versions, exposing developer and runtime environments to financial theft.
Affected Products
- @duckdb/node-api@1.3.3
- @duckdb/node-bindings@1.3.3
- duckdb@1.3.3
- @duckdb/duckdb-wasm@1.29.2
Discovery Timeline
- 2025-09-08 - Malicious package versions published to npm as part of a broader campaign also affecting debug and chalk
- 2025-09-09 - CVE-2025-59037 published to NVD
- 2026-04-15 - Last updated in NVD database
Technical Details for CVE-2025-59037
Vulnerability Analysis
The incident is a software supply chain attack rather than a code-level flaw in DuckDB itself. An attacker gained the ability to publish to the DuckDB namespace on npm and released tampered builds of four packages widely used by Node.js applications that embed analytical SQL functionality. The injected payload targeted cryptocurrency wallet activity by interfering with transactions executed on machines where the packages were installed. According to npm download statistics referenced in the advisory, no users downloaded the malicious versions before they were deprecated, limiting practical exposure.
Root Cause
The root cause is unauthorized publication of trojanized package versions to the npm registry. The malicious releases shared the same names as legitimate DuckDB packages, allowing dependency resolvers and lockfile updates to retrieve attacker-controlled code under trusted identifiers. The compromise is part of a broader npm maintainer-targeting campaign documented by third-party researchers.
Attack Vector
Exploitation requires a developer or build system to install one of the affected versions through npm, yarn, or pnpm. Once installed, the embedded code executes within the Node.js process (or, for the WebAssembly package, within the browser context) and attempts to hijack cryptocurrency transactions handled by the host application. The attack vector is network-based because the tampered packages are retrieved from the public registry, and the only user interaction required is running the install or build command. The vulnerability mechanism is described in GitHub Security Advisory GHSA-w62p-hx95-gf2c and the Aikido blog analysis of the compromised packages.
Detection Methods for CVE-2025-59037
Indicators of Compromise
- Presence of @duckdb/node-api@1.3.3, @duckdb/node-bindings@1.3.3, duckdb@1.3.3, or @duckdb/duckdb-wasm@1.29.2 in package-lock.json, yarn.lock, or pnpm-lock.yaml
- Outbound network connections from Node.js processes to unknown hosts following installation of the affected versions
- Browser or Node.js runtime modifying clipboard contents or intercepting Web3 wallet APIs immediately after dependency installation
Detection Strategies
- Audit dependency manifests and lockfiles across all repositories for the four compromised package versions
- Run npm ls duckdb @duckdb/node-api @duckdb/node-bindings @duckdb/duckdb-wasm in every project to surface transitive inclusions
- Compare installed package integrity hashes against the current published metadata for versions 1.3.4 and 1.30.0
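One way to carry out the lockfile audit above, as an added example that is not part of this advisory or of the DuckDB project: a Node.js script that checks package-lock.json, yarn.lock and pnpm-lock.yaml for the four compromised versions, including transitive copies nested under other packages. The sample lockfile contents embedded in it are constructed for the demonstration, and the parsers cover only the lockfile layouts noted in the comments (npm lockfileVersion 2/3, yarn classic and Berry headers, pnpm v5/v6/v9 package keys).

```javascript
// Added example (not from the advisory or the DuckDB project): scan the three
// common Node.js lockfile formats for the package versions the advisory lists
// as indicators of compromise. All sample lockfile contents are constructed.

const COMPROMISED = {
  'duckdb': new Set(['1.3.3']),
  '@duckdb/node-api': new Set(['1.3.3']),
  '@duckdb/node-bindings': new Set(['1.3.3']),
  '@duckdb/duckdb-wasm': new Set(['1.29.2']),
};

function isCompromised(name, version) {
  return COMPROMISED[name] !== undefined && COMPROMISED[name].has(version);
}

// package-lock.json with lockfileVersion 2 or 3 (npm 7+): the flat "packages"
// map is keyed by install path, so nested (transitive) copies are listed too.
function scanPackageLock(lock) {
  const hits = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (path === '') continue; // the root project itself
    const name = meta.name || path.slice(path.lastIndexOf('node_modules/') + 13);
    if (isCompromised(name, meta.version)) hits.push({ name, version: meta.version, where: path });
  }
  return hits;
}

// yarn.lock (classic v1 and Berry): an unindented "name@range, name@range:" header
// is followed by an indented 'version "x"' (v1) or 'version: x' (Berry) line.
function scanYarnLock(text) {
  const hits = [];
  let names = [];
  for (const line of text.split(/\r?\n/)) {
    if (line === '' || line.startsWith('#')) continue;
    if (!/^\s/.test(line) && line.endsWith(':')) {
      names = line.slice(0, -1).split(',').map((s) => {
        const spec = s.trim().replace(/^"|"$/g, ''), at = spec.lastIndexOf('@');
        return at > 0 ? spec.slice(0, at) : ''; // drop the range, keep a leading scope
      }).filter(Boolean);
      continue;
    }
    const m = line.match(/^\s+version:?\s+"?([^"\s]+)"?/);
    if (!m) continue;
    for (const name of new Set(names)) {
      if (isCompromised(name, m[1])) hits.push({ name, version: m[1], where: 'yarn.lock' });
    }
    names = [];
  }
  return hits;
}

// pnpm-lock.yaml: package entries are two-space-indented keys such as
// "/duckdb@1.3.3:", "/duckdb/1.3.3:" (v5) or "'@duckdb/node-api@1.3.3':" (v9).
// v9 repeats them under "snapshots:", so results are de-duplicated.
const PNPM_ENTRY = /^ {2}'?\/?((?:@[^/\s']+\/)?[^@/\s']+)[@/](\d[^:'(\s]*)/;
function scanPnpmLock(text) {
  const hits = [], seen = new Set();
  for (const line of text.split(/\r?\n/)) {
    const m = line.match(PNPM_ENTRY);
    if (m && isCompromised(m[1], m[2]) && !seen.has(m[1] + '@' + m[2])) {
      seen.add(m[1] + '@' + m[2]);
      hits.push({ name: m[1], version: m[2], where: 'pnpm-lock.yaml' });
    }
  }
  return hits;
}

function scanLockfile(filename, contents) {
  if (filename.endsWith('package-lock.json')) return scanPackageLock(JSON.parse(contents));
  if (filename.endsWith('yarn.lock')) return scanYarnLock(contents);
  if (filename.endsWith('pnpm-lock.yaml')) return scanPnpmLock(contents);
  throw new Error(`unsupported lockfile: ${filename}`);
}

// Constructed samples: compromised entries in each format, plus clean entries as controls.
const SAMPLES = {
  'package-lock.json': JSON.stringify({ lockfileVersion: 3, packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/duckdb': { version: '1.3.3' },
    'node_modules/@duckdb/node-api': { version: '1.3.4' },
    'node_modules/some-lib/node_modules/@duckdb/node-bindings': { version: '1.3.3' },
  } }),
  'yarn.lock': ['# yarn lockfile v1', '', '"@duckdb/duckdb-wasm@^1.29.0":', '  version "1.29.2"', '',
    'duckdb@^1.3.0, duckdb@1.3.3:', '  version "1.3.3"', '', 'some-lib@^2.0.0:', '  version "2.0.0"'].join('\n'),
  'pnpm-lock.yaml': ["lockfileVersion: '6.0'", 'importers:', '  .:', '    dependencies:',
    "      '@duckdb/node-api':", '        specifier: ^1.3.0', '        version: 1.3.3', 'packages:',
    '  /@duckdb/node-api@1.3.3:', '    dependencies:', "      '@duckdb/node-bindings': 1.3.3",
    '  /@duckdb/node-bindings@1.3.3:', '    dev: false', '  /duckdb@1.3.2:', '    dev: false'].join('\n'),
};

// Scan the lockfiles in the current directory, or the samples if none exist.
if (typeof require !== 'undefined' && require.main === module) {
  const fs = require('fs');
  const found = Object.keys(SAMPLES).filter((f) => fs.existsSync(f));
  const inputs = found.length ? found.map((f) => [f, fs.readFileSync(f, 'utf8')]) : Object.entries(SAMPLES);
  for (const h of inputs.flatMap(([f, c]) => scanLockfile(f, c))) {
    console.log(`COMPROMISED ${h.name}@${h.version} (${h.where})`);
  }
}
```

Run it from a project root with node; any line of output means one of the compromised versions is pinned somewhere in the tree, directly or through another dependency, and the `where` value for package-lock.json shows the install path that pulls it in.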
Monitoring Recommendations
- Enable npm audit signatures and provenance checks in CI pipelines to flag unsigned or republished artifacts
- Monitor developer workstations and build agents for unexpected outbound connections originating from node processes
- Track cryptocurrency wallet integrations for anomalous transaction destinations or modified recipient addresses
How to Mitigate CVE-2025-59037
Immediate Actions Required
- Upgrade to duckdb@1.3.4, @duckdb/node-api@1.3.4, @duckdb/node-bindings@1.3.4, @duckdb/duckdb-wasm@1.30.0, or higher
- Purge local and CI npm caches that may contain the deprecated tarballs using npm cache clean --force
- Rotate any credentials, tokens, or wallet keys handled by systems that installed the affected versions
Patch Information
DuckDB maintainers deprecated the malicious versions, coordinated with npm to remove them, and republished clean builds. Fixed releases are documented in the GitHub Release v1.3.4 notes. Pinning to 1.3.4 or 1.30.0 and higher restores known-good code.
Workarounds
- Downgrade to the last known-good versions duckdb@1.3.2 or @duckdb/duckdb-wasm@1.29.1 if upgrading is not immediately possible
- Use lockfile pinning and npm install --ignore-scripts during investigation to prevent execution of postinstall hooks
- Block the affected version ranges in private registry mirrors or dependency firewalls
# Remediation commands: install the fixed releases, then verify that no project still resolves the affected versions
npm install duckdb@1.3.4 @duckdb/node-api@1.3.4 @duckdb/node-bindings@1.3.4
npm install @duckdb/duckdb-wasm@1.30.0
npm ls duckdb @duckdb/node-api @duckdb/node-bindings @duckdb/duckdb-wasm
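To turn the upgrade and downgrade guidance above into a check that can run in CI or behind a dependency firewall, here is an added example (not the advisory's or the DuckDB project's own code) that encodes the compromised, fixed and last-known-good versions as a policy and applies it to the tree printed by npm ls --all --json, reporting each DuckDB package with the dependency chain that pulls it in. The sample tree, the file name audit.js and the package name analytics-helper are constructed for the demonstration.

```javascript
// Added example (not from the advisory or the DuckDB project): a version
// policy for the four affected packages, applied to the JSON tree printed by
// `npm ls --all --json` so that transitive inclusions are reported together
// with the dependency chain that pulls them in. The sample tree below is
// constructed and only mimics the shape of real `npm ls` output.

const POLICY = {
  'duckdb':                { compromised: ['1.3.3'],  fixed: '1.3.4',  lastGood: '1.3.2' },
  '@duckdb/node-api':      { compromised: ['1.3.3'],  fixed: '1.3.4' },
  '@duckdb/node-bindings': { compromised: ['1.3.3'],  fixed: '1.3.4' },
  '@duckdb/duckdb-wasm':   { compromised: ['1.29.2'], fixed: '1.30.0', lastGood: '1.29.1' },
};

// Numeric comparison of "major.minor.patch" strings; pre-release tags are
// not handled because the versions in question are plain numeric releases.
function compareVersions(a, b) {
  const pa = a.split('.').map(Number), pb = b.split('.').map(Number);
  for (let i = 0; i < 3; i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return d < 0 ? -1 : 1;
  }
  return 0;
}

// Verdicts: 'deny' for a malicious version, 'allow' for the fixed release or
// later, 'hold' for the last known-good version the advisory names as a
// temporary fallback, 'upgrade' for any other older version, and 'n/a' when
// the package is not one of the four.
function classify(name, version) {
  const p = POLICY[name];
  if (!p) return 'n/a';
  if (p.compromised.includes(version)) return 'deny';
  if (compareVersions(version, p.fixed) >= 0) return 'allow';
  if (p.lastGood && version === p.lastGood) return 'hold';
  return 'upgrade';
}

// Walk the nested "dependencies" objects of an `npm ls --json` tree and
// record every DuckDB package with the chain of parents leading to it.
function auditTree(tree) {
  const findings = [];
  const walk = (deps, chain) => {
    for (const [name, node] of Object.entries(deps || {})) {
      const here = [...chain, `${name}@${node.version}`];
      const verdict = classify(name, node.version);
      if (verdict !== 'n/a') findings.push({ name, version: node.version, verdict, chain: here.join(' > ') });
      walk(node.dependencies, here);
    }
  };
  walk(tree.dependencies, [`${tree.name}@${tree.version}`]);
  return findings;
}

// Constructed tree: a direct compromised dependency, its compromised
// transitive binding, an older-but-clean copy pulled in by another library,
// and a fixed WebAssembly build.
const SAMPLE_NPM_LS = { name: 'demo-app', version: '1.0.0', dependencies: {
  '@duckdb/node-api': { version: '1.3.3', dependencies: { '@duckdb/node-bindings': { version: '1.3.3' } } },
  'analytics-helper': { version: '2.0.0', dependencies: { 'duckdb': { version: '1.3.2' } } },
  '@duckdb/duckdb-wasm': { version: '1.30.0' },
} };

// Usage: `npm ls --all --json > tree.json && node audit.js tree.json`;
// with no argument the constructed sample is audited.
if (typeof require !== 'undefined' && require.main === module) {
  const file = process.argv[2];
  const tree = file ? JSON.parse(require('fs').readFileSync(file, 'utf8')) : SAMPLE_NPM_LS;
  for (const f of auditTree(tree)) console.log(f.verdict.padEnd(7), f.chain);
}
```

A 'deny' verdict is the condition to fail a build or reject a registry fetch on; 'hold' marks the temporary downgrade the Workarounds section allows and should still be tracked until the project moves to the fixed release.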
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.