
CVE-2026-45321

CRITICAL CISA KEV

On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/* packages were published to the npm registry. The publishes were authenticated via the legitimate GitHub Actions OIDC trusted-publisher binding for TanStack/router, but the publish workflow itself was not modified. The attacker chained three known vulnerability classes — a pull_request_target "Pwn Request" misconfiguration, GitHub Actions cache poisoning across the fork↔base trust boundary, and runtime memory extraction of the OIDC token from the Actions runner process — to publish credential-stealing malware under a trusted identity. Each affected package received exactly two malicious versions, published a few minutes apart.

Published: May 12, 2026
Modified: May 29, 2026
CWE-506

CVSS Metrics

CVSSv3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected Products (343)

Vendor    Product                         Version
tanstack  tanstack/arktype-adapter        1.166.12
tanstack  tanstack/arktype-adapter        1.166.15
tanstack  tanstack/eslint-plugin-router   1.161.9
tanstack  tanstack/eslint-plugin-router   1.161.12
tanstack  tanstack/eslint-plugin-start    0.0.4
tanstack  tanstack/eslint-plugin-start    0.0.7
tanstack  tanstack/history                1.161.9
tanstack  tanstack/history                1.161.12
tanstack  tanstack/nitro-v2-vite-plugin   1.154.12
tanstack  tanstack/nitro-v2-vite-plugin   1.154.15
tanstack  tanstack/react-router           1.169.5
tanstack  tanstack/react-router           1.169.8
tanstack  tanstack/react-router-devtools  1.166.16
tanstack  tanstack/react-router-devtools  1.166.19
tanstack  tanstack/react-router-ssr-query 1.166.15
tanstack  tanstack/react-router-ssr-query 1.166.18
tanstack  tanstack/react-start            1.167.68
tanstack  tanstack/react-start            1.167.71
tanstack  tanstack/react-start-client     1.166.51
tanstack  tanstack/react-start-client     1.166.54

…and 323 more

GitHub Security Advisory GHSA-g7cv-rxg3-hmpx

Malware in @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys

Ecosystem  Package  Malicious versions (exact)  Fixed version
npm @tanstack/arktype-adapter  Malicious: 1.166.12, 1.166.15  Fixed: 1.166.16
npm @tanstack/eslint-plugin-router  Malicious: 1.161.9, 1.161.12  Fixed: 1.161.13
npm @tanstack/eslint-plugin-start  Malicious: 0.0.4, 0.0.7  Fixed: 0.0.8
npm @tanstack/history  Malicious: 1.161.9, 1.161.12  Fixed: 1.161.13
npm @tanstack/nitro-v2-vite-plugin  Malicious: 1.154.12, 1.154.15  Fixed: 1.154.16
npm @tanstack/react-router  Malicious: 1.169.5, 1.169.8  Fixed: 1.169.9
npm @tanstack/react-router-devtools  Malicious: 1.166.16, 1.166.19  Fixed: 1.166.20
npm @tanstack/react-router-ssr-query  Malicious: 1.166.15, 1.166.18  Fixed: 1.166.19
npm @tanstack/react-start  Malicious: 1.167.68, 1.167.71  Fixed: 1.167.72
npm @tanstack/react-start-client  Malicious: 1.166.51, 1.166.54  Fixed: 1.166.55
npm @tanstack/react-start-rsc  Malicious: 0.0.47, 0.0.50  Fixed: 0.0.51
npm @tanstack/react-start-server  Malicious: 1.166.55, 1.166.58  Fixed: 1.166.59
npm @tanstack/router-cli  Malicious: 1.166.46, 1.166.49  Fixed: 1.166.50
npm @tanstack/router-core  Malicious: 1.169.5, 1.169.8  Fixed: 1.169.9
npm @tanstack/router-devtools  Malicious: 1.166.16, 1.166.19  Fixed: 1.166.20
npm @tanstack/router-devtools-core  Malicious: 1.167.6, 1.167.9  Fixed: 1.167.10
npm @tanstack/router-generator  Malicious: 1.166.45, 1.166.48  Fixed: 1.166.49
npm @tanstack/router-plugin  Malicious: 1.167.38, 1.167.41  Fixed: 1.167.42
npm @tanstack/router-ssr-query-core  Malicious: 1.168.3, 1.168.6  Fixed: 1.168.7
npm @tanstack/router-utils  Malicious: 1.161.11, 1.161.14  Fixed: 1.161.15
npm @tanstack/router-vite-plugin  Malicious: 1.166.53, 1.166.56  Fixed: 1.166.57
npm @tanstack/solid-router  Malicious: 1.169.5, 1.169.8  Fixed: 1.169.9
npm @tanstack/solid-router-devtools  Malicious: 1.166.16, 1.166.19  Fixed: 1.166.20
npm @tanstack/solid-router-ssr-query  Malicious: 1.166.15, 1.166.18  Fixed: 1.166.19
npm @tanstack/solid-start  Malicious: 1.167.65, 1.167.68  Fixed: 1.167.69
npm @tanstack/solid-start-client  Malicious: 1.166.50, 1.166.53  Fixed: 1.166.54
npm @tanstack/solid-start-server  Malicious: 1.166.54, 1.166.57  Fixed: 1.166.58
npm @tanstack/start-client-core  Malicious: 1.168.5, 1.168.8  Fixed: 1.168.9
npm @tanstack/start-fn-stubs  Malicious: 1.161.9, 1.161.12  Fixed: 1.161.13
npm @tanstack/start-plugin-core  Malicious: 1.169.23, 1.169.26  Fixed: 1.169.27
npm @tanstack/start-server-core  Malicious: 1.167.33, 1.167.36  Fixed: 1.167.37
npm @tanstack/start-static-server-functions  Malicious: 1.166.44, 1.166.47  Fixed: 1.166.48
npm @tanstack/start-storage-context  Malicious: 1.166.38, 1.166.41  Fixed: 1.166.42
npm @tanstack/valibot-adapter  Malicious: 1.166.12, 1.166.15  Fixed: 1.166.16
npm @tanstack/virtual-file-routes  Malicious: 1.161.10, 1.161.13  Fixed: 1.161.14
npm @tanstack/vue-router  Malicious: 1.169.5, 1.169.8  Fixed: 1.169.9
npm @tanstack/vue-router-devtools  Malicious: 1.166.16, 1.166.19  Fixed: 1.166.20
npm @tanstack/vue-router-ssr-query  Malicious: 1.166.15, 1.166.18  Fixed: 1.166.19
npm @tanstack/vue-start  Malicious: 1.167.61, 1.167.64  Fixed: 1.167.65
npm @tanstack/vue-start-client  Malicious: 1.166.46, 1.166.49  Fixed: 1.166.50
npm @tanstack/vue-start-server  Malicious: 1.166.50, 1.166.53  Fixed: 1.166.54
npm @tanstack/zod-adapter  Malicious: 1.166.12, 1.166.15  Fixed: 1.166.16
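A lockfile check for the malicious versions in the advisory table above, as an added example that is not part of the advisory or of TanStack's own tooling: it walks both package-lock.json formats, including nested node_modules copies, and reports exact matches against a subset of the table embedded in MALICIOUS. The sample lockfile is constructed for the demonstration.

```python
"""Scan an npm package-lock.json for the malicious @tanstack/* versions listed
in GHSA-g7cv-rxg3-hmpx / CVE-2026-45321 (added example, not vendor code)."""
import json

# Exact malicious versions from the advisory table above. Subset of the 42
# affected packages; add the remaining rows for a full audit.
MALICIOUS = {
    "@tanstack/react-router": ("1.169.5", "1.169.8"),
    "@tanstack/router-core": ("1.169.5", "1.169.8"),
    "@tanstack/react-start": ("1.167.68", "1.167.71"),
    "@tanstack/history": ("1.161.9", "1.161.12"),
}

def iter_installed(lock):
    """Yield (name, version, path) for every installed package, nested copies
    included, from a lockfile v2/v3 "packages" map or a v1 "dependencies" tree."""
    if "packages" in lock:
        for path, meta in lock["packages"].items():
            if not path:  # "" is the root project, not a dependency
                continue
            # aliased installs carry an explicit name; otherwise the name is
            # whatever follows the last "node_modules/" in the path
            name = meta.get("name") or path.rsplit("node_modules/", 1)[-1]
            yield name, meta.get("version", ""), path
        return

    def walk(deps, prefix):
        for name, meta in deps.items():
            path = f"{prefix}node_modules/{name}"
            yield name, meta.get("version", ""), path
            yield from walk(meta.get("dependencies", {}), path + "/")

    yield from walk(lock.get("dependencies", {}), "")

def find_malicious(lock):
    """Exact-match hits only: the fixed release one patch above each pair is
    clean, so a version-range check would produce false positives."""
    return [e for e in iter_installed(lock) if e[1] in MALICIOUS.get(e[0], ())]

# Constructed sample lockfile (not a real project): one fixed version and two
# malicious ones, one of them nested under another dependency.
SAMPLE_LOCK = json.loads("""{
  "packages": {
    "": {"name": "demo-app", "version": "0.0.0"},
    "node_modules/@tanstack/react-router": {"version": "1.169.8"},
    "node_modules/@tanstack/history": {"version": "1.161.13"},
    "node_modules/some-lib/node_modules/@tanstack/router-core": {"version": "1.169.5"}
  }
}""")
```

Run it against a real project with `find_malicious(json.load(open("package-lock.json")))`; the path column tells you which dependency pulled the nested copy in.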

Risk Scores

CVSS Score 9.6 / 10
EPSS Score 17.05%

Top 5% most likely to be exploited

Threat Score 73.5 / 100

CISA Known Exploited

Date Added: 2026-05-27
Due Date: 2026-06-10
Required Action:

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Used in Ransomware Campaigns

Data Sources

NVD CISA KEV EPSS GitHub