Symptom
- A security alert was issued regarding malicious versions of the Axios npm package published on March 31, 2026.
- The compromised versions (axios@1.14.1 and axios@0.30.4) included a dependency (plain-crypto-js) that contained a remote access trojan (RAT).
- Node.js projects that automatically pulled these versions may be at risk.
- Customers requested confirmation on whether environments (including ias, learning, bizx, and jam) are affected and whether any patching is required.
Environment
SAP SuccessFactors Learning
Resolution
- As of April 9, 2026, no evidence of impact to SAP solutions from the Axios incident has been found, and monitoring continues. Please follow this KBA for any updates or changes.
- npm packages are used in SAP IAS, Learning, BizX, and JAM solutions; however, no vulnerable versions are used in these or any other SAP solutions.
- No patching is required at this time.
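
For Node.js projects of your own, the versions named in the Symptom section can be checked against a lockfile. The following is an added example, not SAP code and not part of the original KBA; the function names, the sample lockfile, and every package or version in it other than axios@1.14.1, axios@0.30.4 and plain-crypto-js are constructed for illustration.

```javascript
// Added example (not SAP code). Indicators come from the alert described above.
const BAD_VERSIONS = { axios: ["1.14.1", "0.30.4"] };
const BAD_PACKAGES = ["plain-crypto-js"]; // flagged at any version

function classify(name, version) {
  if (BAD_PACKAGES.includes(name)) return "malicious dependency";
  if ((BAD_VERSIONS[name] || []).includes(version)) return "compromised version";
  return null;
}

// Scan a parsed package-lock.json. Handles lockfileVersion 2/3 (flat "packages"
// map keyed by install path) and lockfileVersion 1 (nested "dependencies" tree).
function scanLockfile(lock) {
  const findings = [];
  const record = (name, version, where) => {
    const reason = classify(name, version);
    if (reason) findings.push({ name, version, where, reason });
  };
  if (lock.packages) {
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (!path) continue; // "" is the root project itself
      // Package name is what follows the last "node_modules/" (keeps @scope/name);
      // meta.name is set by npm when the entry is installed under an alias.
      const i = path.lastIndexOf("node_modules/");
      const name = meta.name || (i < 0 ? path : path.slice(i + 13));
      record(name, meta.version, path);
    }
  } else {
    const walk = (deps, trail) => {
      for (const [name, meta] of Object.entries(deps || {})) {
        const where = trail ? `${trail} > ${name}` : name;
        record(name, meta.version, where);
        walk(meta.dependencies, where); // transitive copies nested under a parent
      }
    };
    walk(lock.dependencies, "");
  }
  return findings;
}

// Constructed sample lockfile: direct, nested and unaffected copies of axios.
const sampleLock = { lockfileVersion: 3, packages: {
  "": { name: "demo-app", version: "1.0.0" },
  "node_modules/axios": { version: "1.14.1" },
  "node_modules/axios/node_modules/plain-crypto-js": { version: "0.0.0-constructed" },
  "node_modules/legacy-client/node_modules/axios": { version: "0.30.4" },
  "node_modules/other/node_modules/axios": { version: "1.13.0" },
} };
console.log(scanLockfile(sampleLock));
```

To run it on a real project, pass the parsed contents of that project's package-lock.json to `scanLockfile`; an empty result means none of the indicators named in this KBA appear in the resolved dependency tree.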
Keywords
axios, npm, supply chain attack, plain-crypto-js, remote access trojan, RAT, axios 1.14.1, axios 0.30.4, node.js, impact assessment, successfactors learning, ias, bizx, jam, vulnerability monitoring, SAP solutions, SAP IAS, Learning, BizX and JAM solutions, KBA, LOD-SF-LMS-ADM, System Admin, Global Variables, References, Problem
Product
SAP SuccessFactors Learning all versions
SAP Knowledge Base Article - Public