CVE-2026-45321
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Summary
On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/* packages were published to the npm registry. The publishes were authenticated via the legitimate GitHub Actions OIDC trusted-publisher binding for TanStack/router, but the publish workflow itself was not modified. The attacker chained three known vulnerability classes — a pull_request_target "Pwn Request" misconfiguration, GitHub Actions cache poisoning across the fork↔base trust boundary, and runtime memory extraction of the OIDC token from the Actions runner process — to publish credential-stealing malware under a trusted identity. Each affected package received exactly two malicious versions, published a few minutes apart.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| @tanstack | arktype-adapter | 1.166.12 | affected |
| @tanstack | arktype-adapter | 1.166.15 | affected |
| @tanstack | eslint-plugin-router | 1.161.9 | affected |
| @tanstack | eslint-plugin-router | 1.161.12 | affected |
| @tanstack | eslint-plugin-start | 0.0.4 | affected |
| @tanstack | eslint-plugin-start | 0.0.7 | affected |
| @tanstack | history | 1.161.9 | affected |
| @tanstack | history | 1.161.12 | affected |
| @tanstack | nitro-v2-vite-plugin | 1.154.12 | affected |
| @tanstack | nitro-v2-vite-plugin | 1.154.15 | affected |
| @tanstack | react-router | 1.169.5 | affected |
| @tanstack | react-router | 1.169.8 | affected |
| @tanstack | react-router-devtools | 1.166.16 | affected |
| @tanstack | react-router-devtools | 1.166.19 | affected |
| @tanstack | react-router-ssr-query | 1.166.15 | affected |
| @tanstack | react-router-ssr-query | 1.166.18 | affected |
| @tanstack | react-start | 1.167.68 | affected |
| @tanstack | react-start | 1.167.71 | affected |
| @tanstack | react-start-client | 1.166.51 | affected |
| @tanstack | react-start-client | 1.166.54 | affected |
| @tanstack | react-start-rsc | 0.0.47 | affected |
| @tanstack | react-start-rsc | 0.0.50 | affected |
| @tanstack | react-start-server | 1.166.55 | affected |
| @tanstack | react-start-server | 1.166.58 | affected |
| @tanstack | router-cli | 1.166.46 | affected |
| @tanstack | router-cli | 1.166.49 | affected |
| @tanstack | router-core | 1.169.5 | affected |
| @tanstack | router-core | 1.169.8 | affected |
| @tanstack | router-devtools | 1.166.16 | affected |
| @tanstack | router-devtools | 1.166.19 | affected |
| @tanstack | router-devtools-core | 1.167.6 | affected |
| @tanstack | router-devtools-core | 1.167.9 | affected |
| @tanstack | router-generator | 1.166.45 | affected |
| @tanstack | router-generator | 1.166.48 | affected |
| @tanstack | router-plugin | 1.167.38 | affected |
| @tanstack | router-plugin | 1.167.41 | affected |
| @tanstack | router-ssr-query-core | 1.168.3 | affected |
| @tanstack | router-ssr-query-core | 1.168.6 | affected |
| @tanstack | router-utils | 1.161.11 | affected |
| @tanstack | router-utils | 1.161.14 | affected |
| @tanstack | outer-vite-plugin | 1.166.53 | affected |
| @tanstack | outer-vite-plugin | 1.166.56 | affected |
| @tanstack | solid-router | 1.169.5 | affected |
| @tanstack | solid-router | 1.169.8 | affected |
| @tanstack | solid-router-devtools | 1.166.16 | affected |
| @tanstack | solid-router-devtools | 1.166.19 | affected |
| @tanstack | solid-router-ssr-query | 1.166.15 | affected |
| @tanstack | solid-router-ssr-query | 1.166.18 | affected |
| @tanstack | solid-start | 1.167.65 | affected |
| @tanstack | solid-start | 1.167.68 | affected |
| @tanstack | solid-start-client | 1.166.50 | affected |
| @tanstack | solid-start-client | 1.166.53 | affected |
| @tanstack | solid-start-server | 1.166.54 | affected |
| @tanstack | solid-start-server | 1.166.57 | affected |
| @tanstack | start-client-core | 1.168.5 | affected |
| @tanstack | start-client-core | 1.168.8 | affected |
| @tanstack | start-fn-stubs | 1.161.9 | affected |
| @tanstack | start-fn-stubs | 1.161.12 | affected |
| @tanstack | start-plugin-core | 1.169.23 | affected |
| @tanstack | start-plugin-core | 1.169.26 | affected |
| @tanstack | start-server-core | 1.167.33 | affected |
| @tanstack | start-server-core | 1.167.36 | affected |
| @tanstack | start-static-server-functions | 1.166.44 | affected |
| @tanstack | start-static-server-functions | 1.166.47 | affected |
| @tanstack | start-storage-context | 1.166.38 | affected |
| @tanstack | start-storage-context | 1.166.41 | affected |
| @tanstack | valibot-adapter | 1.166.12 | affected |
| @tanstack | valibot-adapter | 1.166.15 | affected |
| @tanstack | virtual-file-routes | 1.161.10 | affected |
| @tanstack | virtual-file-routes | 1.161.13 | affected |
| @tanstack | vue-router | 1.169.5 | affected |
| @tanstack | vue-router | 1.169.8 | affected |
| @tanstack | vue-router-devtools | 1.166.16 | affected |
| @tanstack | vue-router-devtools | 1.166.19 | affected |
| @tanstack | vue-router-ssr-query | 1.166.15 | affected |
| @tanstack | vue-router-ssr-query | 1.166.18 | affected |
| @tanstack | vue-start | 1.167.61 | affected |
| @tanstack | vue-start | 1.167.64 | affected |
| @tanstack | vue-start-client | 1.166.46 | affected |
| @tanstack | vue-start-client | 1.166.49 | affected |
| @tanstack | vue-start-server | 1.166.50 | affected |
| @tanstack | vue-start-server | 1.166.53 | affected |
| @tanstack | zod-adapter | 1.166.12 | affected |
| @tanstack | zod-adapter | 1.166.15 | affected |
Weaknesses
- CWE-506: CWE-506: Embedded Malicious Code
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: active
- Automatable: no
- Technical Impact: total
Additional References
References
- https://github.com/TanStack/router/security/advisories/GHSA-g7cv-rxg3-hmpx
- https://github.com/TanStack/router/issues/7383
- https://tanstack.com/blog/npm-supply-chain-compromise-postmortem
- https://www.stepsecurity.io/blog/mini-shai-hulud-is-back-a-self-spreading-supply-chain-attack-hits-the-npm-ecosystem
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.