CVEFinder.io

CVE-2026-45321

⛔ critical
🔍 Scan for this CVE
Summary

On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/* packages were published to the npm registry. The publishes were authenticated via the legitimate GitHub Actions OIDC trusted-publisher binding for TanStack/router, but the publish workflow itself was not modified. The attacker chained three known vulnerability classes — a pull_request_target "Pwn Request" misconfiguration, GitHub Actions cache poisoning across the fork↔base trust boundary, and r

Description

On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/* packages were published to the npm registry. The publishes were authenticated via the legitimate GitHub Actions OIDC trusted-publisher binding for TanStack/router, but the publish workflow itself was not modified. The attacker chained three known vulnerability classes — a pull_request_target "Pwn Request" misconfiguration, GitHub Actions cache poisoning across the fork↔base trust boundary, and runtime memory extraction of the OIDC token from the Actions runner process — to publish credential-stealing malware under a trusted identity. Each affected package received exactly two malicious versions, published a few minutes apart.

CVSS Score
9.6
Critical
EPSS Score
17.1
Exploit Probability
Published Date
2026-05-12
First Seen: 2026-05-17
📊 Relative Risk Intelligence

This CVE is Very High Risk - more severe than 90.2% of all 328,009 vulnerabilities in our database.

#32,050
Top 10% most severe
Severity Percentile
🎯 CISA SSVC Assessment Updated: May 27, 2026
🔍 Exploitation Status
Active
Exploits detected in the wild
⚙️ Automatable
NO
Requires human interaction
💥 Technical Impact
Total
Complete system compromise possible
SSVC data provided by CISA
Last Modified 2026-05-29
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CWE IDs (Weakness Types)
CWE-506

📦 Affected Products 343

Vendor Product Status Affected Versions
tanstack tanstack\/arktype-adapter Affected
v1.166.12
tanstack tanstack\/arktype-adapter Affected
v1.166.15
tanstack tanstack\/eslint-plugin-router Affected
v1.161.12
tanstack tanstack\/eslint-plugin-router Affected
v1.161.9
tanstack tanstack\/eslint-plugin-start Affected
v0.0.4
tanstack tanstack\/eslint-plugin-start Affected
v0.0.7
tanstack tanstack\/history Affected
v1.161.12
tanstack tanstack\/history Affected
v1.161.9
tanstack tanstack\/nitro-v2-vite-plugin Affected
v1.154.12
tanstack tanstack\/nitro-v2-vite-plugin Affected
v1.154.15
tanstack tanstack\/react-router Affected
v1.169.5
tanstack tanstack\/react-router Affected
v1.169.8
tanstack tanstack\/react-router-devtools Affected
v1.166.16
tanstack tanstack\/react-router-devtools Affected
v1.166.19
tanstack tanstack\/react-router-ssr-query Affected
v1.166.15
tanstack tanstack\/react-router-ssr-query Affected
v1.166.18
tanstack tanstack\/react-start Affected
v1.167.68
tanstack tanstack\/react-start Affected
v1.167.71
tanstack tanstack\/react-start-client Affected
v1.166.51
tanstack tanstack\/react-start-client Affected
v1.166.54
tanstack tanstack\/react-start-rsc Affected
v0.0.47
tanstack tanstack\/react-start-rsc Affected
v0.0.50
tanstack tanstack\/react-start-server Affected
v1.166.55
tanstack tanstack\/react-start-server Affected
v1.166.58
tanstack tanstack\/router-cli Affected
v1.166.46
tanstack tanstack\/router-cli Affected
v1.166.49
tanstack tanstack\/router-core Affected
v1.169.5
tanstack tanstack\/router-core Affected
v1.169.8
tanstack tanstack\/router-devtools Affected
v1.166.16
tanstack tanstack\/router-devtools Affected
v1.166.19
tanstack tanstack\/router-devtools-core Affected
v1.167.6
tanstack tanstack\/router-devtools-core Affected
v1.167.9
tanstack tanstack\/router-generator Affected
v1.166.45
tanstack tanstack\/router-generator Affected
v1.166.48
tanstack tanstack\/router-plugin Affected
v1.167.38
tanstack tanstack\/router-plugin Affected
v1.167.41
tanstack tanstack\/router-ssr-query-core Affected
v1.168.3
tanstack tanstack\/router-ssr-query-core Affected
v1.168.6
tanstack tanstack\/router-utils Affected
v1.161.11
tanstack tanstack\/router-utils Affected
v1.161.14
tanstack tanstack\/router-vite-plugin Affected
v1.166.53
tanstack tanstack\/router-vite-plugin Affected
v1.166.56
tanstack tanstack\/solid-router Affected
v1.169.5
tanstack tanstack\/solid-router Affected
v1.169.8
tanstack tanstack\/solid-router-devtools Affected
v1.166.16
tanstack tanstack\/solid-router-devtools Affected
v1.166.19
tanstack tanstack\/solid-router-ssr-query Affected
v1.166.15
tanstack tanstack\/solid-router-ssr-query Affected
v1.166.18
tanstack tanstack\/solid-start Affected
v1.167.65
tanstack tanstack\/solid-start Affected
v1.167.68
tanstack tanstack\/solid-start-client Affected
v1.166.50
tanstack tanstack\/solid-start-client Affected
v1.166.53
tanstack tanstack\/solid-start-server Affected
v1.166.54
tanstack tanstack\/solid-start-server Affected
v1.166.57
tanstack tanstack\/start-client-core Affected
v1.168.5
tanstack tanstack\/start-client-core Affected
v1.168.8
tanstack tanstack\/start-fn-stubs Affected
v1.161.12
tanstack tanstack\/start-fn-stubs Affected
v1.161.9
tanstack tanstack\/start-plugin-core Affected
v1.169.23
tanstack tanstack\/start-plugin-core Affected
v1.169.26
tanstack tanstack\/start-server-core Affected
v1.167.33
tanstack tanstack\/start-server-core Affected
v1.167.36
tanstack tanstack\/start-static-server-functions Affected
v1.166.44
tanstack tanstack\/start-static-server-functions Affected
v1.166.47
tanstack tanstack\/start-storage-context Affected
v1.166.38
tanstack tanstack\/start-storage-context Affected
v1.166.41
tanstack tanstack\/valibot-adapter Affected
v1.166.12
tanstack tanstack\/valibot-adapter Affected
v1.166.15
tanstack tanstack\/virtual-file-routes Affected
v1.161.10
tanstack tanstack\/virtual-file-routes Affected
v1.161.13
tanstack tanstack\/vue-router Affected
v1.169.5
tanstack tanstack\/vue-router Affected
v1.169.8
tanstack tanstack\/vue-router-devtools Affected
v1.166.16
tanstack tanstack\/vue-router-devtools Affected
v1.166.19
tanstack tanstack\/vue-router-ssr-query Affected
v1.166.15
tanstack tanstack\/vue-router-ssr-query Affected
v1.166.18
tanstack tanstack\/vue-start Affected
v1.167.61
tanstack tanstack\/vue-start Affected
v1.167.64
tanstack tanstack\/vue-start-client Affected
v1.166.46
tanstack tanstack\/vue-start-client Affected
v1.166.49
tanstack tanstack\/vue-start-server Affected
v1.166.50
tanstack tanstack\/vue-start-server Affected
v1.166.53
tanstack tanstack\/zod-adapter Affected
v1.166.12
tanstack tanstack\/zod-adapter Affected
v1.166.15
guardrailsai guardrails_ai Affected
v0.10.1
linuxfoundation opensearch Affected
v3.6.2
mesa mesadev\/sdk Affected
v0.28.3
mesa mesadev\/saguaro Affected
v0.4.22
mesa mesadev\/rest Affected
v0.28.3
antoinebcx ml-toolkit-ts Affected
v1.0.4
antoinebcx ml-toolkit-ts Affected
v1.0.5
antoinebcx ml-toolkit-ts\/xgboost Affected
v1.0.3
antoinebcx ml-toolkit-ts\/xgboost Affected
v1.0.4
antoinebcx ml-toolkit-ts\/preprocessing Affected
v1.0.2
antoinebcx ml-toolkit-ts\/preprocessing Affected
v1.0.3
agentworkhq agentwork-cli Affected
v0.1.4
agentworkhq agentwork-cli Affected
v0.1.5
dirigible dirigible-ai\/sdk Affected
v0.6.2
dirigible dirigible-ai\/sdk Affected
v0.6.3
beproduct beproduct\/nestjs-auth Affected
v0.1.10
beproduct beproduct\/nestjs-auth Affected
v0.1.11
beproduct beproduct\/nestjs-auth Affected
v0.1.12
beproduct beproduct\/nestjs-auth Affected
v0.1.13
beproduct beproduct\/nestjs-auth Affected
v0.1.14
beproduct beproduct\/nestjs-auth Affected
v0.1.15
beproduct beproduct\/nestjs-auth Affected
v0.1.16
beproduct beproduct\/nestjs-auth Affected
v0.1.17
beproduct beproduct\/nestjs-auth Affected
v0.1.19
beproduct beproduct\/nestjs-auth Affected
v0.1.2
beproduct beproduct\/nestjs-auth Affected
v0.1.3
beproduct beproduct\/nestjs-auth Affected
v0.1.4
beproduct beproduct\/nestjs-auth Affected
v0.1.5
beproduct beproduct\/nestjs-auth Affected
v0.1.6
beproduct beproduct\/nestjs-auth Affected
v0.1.7
beproduct beproduct\/nestjs-auth Affected
v0.1.8
beproduct beproduct\/nestjs-auth Affected
v0.1.9
christianalares nextmove-mcp Affected
v0.1.3
christianalares nextmove-mcp Affected
v0.1.4
christianalares nextmove-mcp Affected
v0.1.5
christianalares nextmove-mcp Affected
v0.1.7
christianalares git_branch_selector Affected
v1.3.3
christianalares git_branch_selector Affected
v1.3.4
christianalares git_branch_selector Affected
v1.3.5
christianalares git_branch_selector Affected
v1.3.7
christianalares git-git-git Affected
v1.0.10
christianalares git-git-git Affected
v1.0.12
christianalares git-git-git Affected
v1.0.8
christianalares git-git-git Affected
v1.0.9
multiagentcognition cmux-agent-mcp Affected
v0.1.3
multiagentcognition cmux-agent-mcp Affected
v0.1.4
multiagentcognition cmux-agent-mcp Affected
v0.1.5
multiagentcognition cmux-agent-mcp Affected
v0.1.6
multiagentcognition cmux-agent-mcp Affected
v0.1.7
multiagentcognition cmux-agent-mcp Affected
v0.1.8
abhishake1 supersurkhet\/cli Affected
v0.0.2
abhishake1 supersurkhet\/cli Affected
v0.0.3
abhishake1 supersurkhet\/cli Affected
v0.0.4
abhishake1 supersurkhet\/cli Affected
v0.0.5
abhishake1 supersurkhet\/cli Affected
v0.0.6
abhishake1 supersurkhet\/cli Affected
v0.0.7
abhishake1 supersurkhet\/sdk Affected
v0.0.2
abhishake1 supersurkhet\/sdk Affected
v0.0.3
abhishake1 supersurkhet\/sdk Affected
v0.0.4
abhishake1 supersurkhet\/sdk Affected
v0.0.5
abhishake1 supersurkhet\/sdk Affected
v0.0.6
abhishake1 supersurkhet\/sdk Affected
v0.0.7
matheuspergoli simple_type-safe_actions Affected
v0.8.3
matheuspergoli simple_type-safe_actions Affected
v0.8.4
abhishake1 taskflow-corp\/cli Affected
v0.1.24
abhishake1 taskflow-corp\/cli Affected
v0.1.25
abhishake1 taskflow-corp\/cli Affected
v0.1.26
abhishake1 taskflow-corp\/cli Affected
v0.1.27
abhishake1 taskflow-corp\/cli Affected
v0.1.28
abhishake1 taskflow-corp\/cli Affected
v0.1.29
christianalares tolka\/cli Affected
v1.0.2
christianalares tolka\/cli Affected
v1.0.3
christianalares tolka\/cli Affected
v1.0.4
christianalares tolka\/cli Affected
v1.0.6
matheuspergoli draftauth\/client Affected
v0.2.1
matheuspergoli draftauth\/client Affected
v0.2.2
matheuspergoli draftauth\/core Affected
v0.13.1
matheuspergoli draftauth\/core Affected
v0.13.2
matheuspergoli draftlab\/auth Affected
v0.24.1
matheuspergoli draftlab\/auth Affected
v0.24.2
matheuspergoli draftlab\/auth-router Affected
v0.5.1
matheuspergoli draftlab\/auth-router Affected
v0.5.2
matheuspergoli draftlab\/db Affected
v0.16.1
matheuspergoli draftlab\/db Affected
v0.16.2
mistral mistralai Affected
v2.4.6
mistral mistralai\/mistralai Affected
v2.2.3
mistral mistralai\/mistralai Affected
v2.2.4
mistral mistralai\/mistralai-azure Affected
v1.7.2
mistral mistralai\/mistralai-azure Affected
v1.7.3
mistral mistralai\/mistralai-gcp Affected
v1.7.2
mistral mistralai\/mistralai-gcp Affected
v1.7.3
neilcochran cross-stitch Affected
v1.1.3
neilcochran cross-stitch Affected
v1.1.4
neilcochran cross-stitch Affected
v1.1.6
neilcochran squawk\/airports Affected
v0.6.2
neilcochran squawk\/airports Affected
v0.6.3
neilcochran squawk\/airports Affected
v0.6.5
neilcochran squawk\/airspace Affected
v0.8.1
neilcochran squawk\/airspace Affected
v0.8.2
neilcochran squawk\/airspace Affected
v0.8.4
neilcochran squawk\/airspace-data Affected
v0.5.3
neilcochran squawk\/airspace-data Affected
v0.5.4
neilcochran squawk\/airspace-data Affected
v0.5.6
neilcochran squawk\/airway-data Affected
v0.5.4
neilcochran squawk\/airway-data Affected
v0.5.5
neilcochran squawk\/airway-data Affected
v0.5.7
neilcochran squawk\/airways Affected
v0.4.2
neilcochran squawk\/airways Affected
v0.4.3
neilcochran squawk\/airways Affected
v0.4.5
neilcochran squawk\/fix-data Affected
v0.6.4
neilcochran squawk\/fix-data Affected
v0.6.5
neilcochran squawk\/fix-data Affected
v0.6.7
neilcochran squawk\/fixes Affected
v0.3.2
neilcochran squawk\/fixes Affected
v0.3.3
neilcochran squawk\/fixes Affected
v0.3.5
neilcochran squawk\/flight-math Affected
v0.5.4
neilcochran squawk\/flight-math Affected
v0.5.5
neilcochran squawk\/flight-math Affected
v0.5.7
neilcochran squawk\/flightplan Affected
v0.5.2
neilcochran squawk\/flightplan Affected
v0.5.3
neilcochran squawk\/flightplan Affected
v0.5.5
neilcochran squawk\/geo Affected
v0.4.4
neilcochran squawk\/geo Affected
v0.4.5
neilcochran squawk\/geo Affected
v0.4.7
neilcochran squawk\/icao-registry Affected
v0.5.2
neilcochran squawk\/icao-registry Affected
v0.5.3
neilcochran squawk\/icao-registry Affected
v0.5.5
neilcochran squawk\/icao-registry-data Affected
v0.8.4
neilcochran squawk\/icao-registry-data Affected
v0.8.5
neilcochran squawk\/icao-registry-data Affected
v0.8.7
neilcochran squawk\/mcp Affected
v0.9.1
neilcochran squawk\/mcp Affected
v0.9.2
neilcochran squawk\/mcp Affected
v0.9.4
neilcochran squawk\/navaid-data Affected
v0.6.4
neilcochran squawk\/navaid-data Affected
v0.6.5
neilcochran squawk\/navaid-data Affected
v0.6.7
neilcochran squawk\/navaids Affected
v0.4.2
neilcochran squawk\/navaids Affected
v0.4.3
neilcochran squawk\/navaids Affected
v0.4.5
neilcochran squawk\/notams Affected
v0.3.6
neilcochran squawk\/notams Affected
v0.3.7
neilcochran squawk\/notams Affected
v0.3.9
neilcochran squawk\/procedure-data Affected
v0.7.3
neilcochran squawk\/procedure-data Affected
v0.7.4
neilcochran squawk\/procedure-data Affected
v0.7.6
neilcochran squawk\/procedures Affected
v0.5.2
neilcochran squawk\/procedures Affected
v0.5.3
neilcochran squawk\/procedures Affected
v0.5.5
neilcochran squawk\/types Affected
v0.8.1
neilcochran squawk\/types Affected
v0.8.2
neilcochran squawk\/types Affected
v0.8.4
neilcochran squawk\/units Affected
v0.4.3
neilcochran squawk\/units Affected
v0.4.4
neilcochran squawk\/units Affected
v0.4.6
neilcochran squawk\/weather Affected
v0.5.6
neilcochran squawk\/weather Affected
v0.5.7
neilcochran squawk\/weather Affected
v0.5.9
neilcochran ts-dna Affected
v3.0.1
neilcochran ts-dna Affected
v3.0.2
neilcochran ts-dna Affected
v3.0.4
neilcochran wot-api Affected
v0.8.1
neilcochran wot-api Affected
v0.8.2
neilcochran wot-api Affected
v0.8.4
kilbot tallyui\/components Affected
v1.0.1
kilbot tallyui\/components Affected
v1.0.2
kilbot tallyui\/components Affected
v1.0.3
kilbot tallyui\/connector-medusa Affected
v1.0.1
kilbot tallyui\/connector-medusa Affected
v1.0.2
kilbot tallyui\/connector-medusa Affected
v1.0.3
kilbot tallyui\/connector-shopify Affected
v1.0.1
kilbot tallyui\/connector-shopify Affected
v1.0.2
kilbot tallyui\/connector-shopify Affected
v1.0.3
kilbot tallyui\/connector-vendure Affected
v1.0.1
kilbot tallyui\/connector-vendure Affected
v1.0.2
kilbot tallyui\/connector-vendure Affected
v1.0.3
kilbot tallyui\/connector-woocommerce Affected
v1.0.1
kilbot tallyui\/connector-woocommerce Affected
v1.0.2
kilbot tallyui\/connector-woocommerce Affected
v1.0.3
kilbot tallyui\/core Affected
v0.2.1
kilbot tallyui\/core Affected
v0.2.2
kilbot tallyui\/core Affected
v0.2.3
kilbot tallyui\/database Affected
v1.0.1
kilbot tallyui\/database Affected
v1.0.2
kilbot tallyui\/database Affected
v1.0.3
kilbot tallyui\/pos Affected
v0.1.1
kilbot tallyui\/pos Affected
v0.1.2
kilbot tallyui\/pos Affected
v0.1.3
kilbot tallyui\/storage-sqlite Affected
v0.2.1
kilbot tallyui\/storage-sqlite Affected
v0.2.2
kilbot tallyui\/storage-sqlite Affected
v0.2.3
kilbot tallyui\/theme Affected
v0.2.1
kilbot tallyui\/theme Affected
v0.2.2
kilbot tallyui\/theme Affected
v0.2.3
uipath uipath\/access-policy-sdk Affected
v0.3.1
uipath uipath\/access-policy-tool Affected
v0.3.1
uipath uipath\/admin-tool Affected
v0.1.1
uipath uipath\/agent-sdk Affected
v1.0.2
uipath uipath\/agent-tool Affected
v1.0.1
uipath uipath\/agent.sdk Affected
v0.0.18
uipath uipath\/aops-policy-tool Affected
v0.3.1
uipath uipath\/ap-chat Affected
v1.5.7
uipath uipath\/api-workflow-tool Affected
v1.0.1
uipath uipath\/apollo-core Affected
v5.9.2
uipath uipath\/apollo-react Affected
v4.24.5
uipath uipath\/apollo-wind Affected
v2.16.2
uipath uipath\/auth Affected
v1.0.1
uipath uipath\/case-tool Affected
v1.0.1
uipath uipath\/cli Affected
v1.0.1
uipath uipath\/codedagent-tool Affected
v1.0.1
uipath uipath\/codedagents-tool Affected
v0.1.12
uipath uipath\/codedapp-tool Affected
v1.0.1
uipath uipath\/common Affected
v1.0.1
uipath uipath\/context-grounding-tool Affected
v0.1.1
uipath uipath\/data-fabric-tool Affected
v1.0.2
uipath uipath\/docsai-tool Affected
v1.0.1
uipath uipath\/filesystem Affected
v1.0.1
uipath uipath\/flow-tool Affected
v1.0.2
uipath uipath\/functions-tool Affected
v1.0.1
uipath uipath\/gov-tool Affected
v0.3.1
uipath uipath\/identity-tool Affected
v0.1.1
uipath uipath\/insights-sdk Affected
v1.0.1
uipath uipath\/insights-tool Affected
v1.0.1
uipath uipath\/integrationservice-sdk Affected
v1.0.2
uipath uipath\/integrationservice-tool Affected
v1.0.2
uipath uipath\/llmgw-tool Affected
v1.0.1
uipath uipath\/maestro-sdk Affected
v1.0.1
uipath uipath\/maestro-tool Affected
v1.0.1
uipath uipath\/orchestrator-tool Affected
v1.0.1
uipath uipath\/packager-tool-apiworkflow Affected
v0.0.19
uipath uipath\/packager-tool-bpmn Affected
v0.0.9
uipath uipath\/packager-tool-case Affected
v0.0.9
uipath uipath\/packager-tool-connector Affected
v0.0.19
uipath uipath\/packager-tool-flow Affected
v0.0.19
uipath uipath\/packager-tool-functions Affected
v0.1.1
uipath uipath\/packager-tool-webapp Affected
v1.0.6
uipath uipath\/packager-tool-workflowcompiler Affected
v0.0.16
uipath uipath\/packager-tool-workflowcompiler-browser Affected
v0.0.34
uipath uipath\/platform-tool Affected
v1.0.1
uipath uipath\/project-packager Affected
v1.1.16
uipath uipath\/resource-tool Affected
v1.0.1
uipath uipath\/resourcecatalog-tool Affected
v0.1.1
uipath uipath\/resources-tool Affected
v0.1.11
uipath uipath\/robot Affected
v1.3.4
uipath uipath\/rpa-legacy-tool Affected
v1.0.1
uipath uipath\/rpa-tool Affected
v0.9.5
uipath uipath\/solution-packager Affected
v0.0.35
uipath uipath\/solution-tool Affected
v1.0.1
uipath uipath\/solutionpackager-sdk Affected
v1.0.11
uipath uipath\/solutionpackager-tool-core Affected
v0.0.34
uipath uipath\/tasks-tool Affected
v1.0.1
uipath uipath\/telemetry Affected
v0.0.7
uipath uipath\/test-manager-tool Affected
v1.0.2
uipath uipath\/tool-workflowcompiler Affected
v0.0.12
uipath uipath\/traces-tool Affected
v1.0.1
uipath uipath\/ui-widgets-multi-file-upload Affected
v1.0.1
uipath uipath\/uipath-python-bridge Affected
v1.0.1
uipath uipath\/vertical-solutions-tool Affected
v1.0.1
uipath uipath\/vss Affected
v0.1.6
uipath uipath\/widget.sdk Affected
v1.2.3

🔗 References 5

https://github.com/TanStack/router/issues/7383
Issue Tracking
https://github.com/TanStack/router/security/advisori...
Mitigation Vendor Advisory
https://tanstack.com/blog/npm-supply-chain-compromis...
Exploit Vendor Advisory
https://www.stepsecurity.io/blog/mini-shai-hulud-is-...
Exploit Third Party Advisory
https://www.cisa.gov/known-exploited-vulnerabilities...
US Government Resource

🔗 Related CVEs 1

CVE ID Severity CVSS EPSS Summary Published
CVE-2026-45758 ⛔ critical 9.6 0.0 Guardrails AI is a Python framework that helps build AI applications. On May 11, 2026 at approximately 6:00 PM Pacific, ... 2026-06-05
These CVEs affect the same products