On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/* packages were published to the npm registry. The publishes were authenticated via the legitimate GitHub Actions OIDC trusted-publisher binding for TanStack/router, but the publish workflow itself was not modified. The attacker chained three known vulnerability classes — a pull_request_target "Pwn Request" misconfiguration, GitHub Actions cache poisoning across the fork↔base trust boundary, and runtime memory extraction of the OIDC token from the Actions runner process — to publish credential-stealing malware under a trusted identity. Each affected package received exactly two malicious versions, published a few minutes apart.
Project Subscriptions
| Vendors | Products |
|---|---|
| Tanstack | arktype-adapter, eslint-plugin-router, eslint-plugin-start, history, nitro-v2-vite-plugin, outer-vite-plugin, react-router, react-router-devtools, react-router-ssr-query, react-start, react-start-client, react-start-rsc, react-start-server, router-cli, router-core, router-devtools, router-devtools-core, router-generator, router-plugin, router-ssr-query-core, router-utils, solid-router, solid-router-devtools, solid-router-ssr-query, solid-start, solid-start-client, solid-start-server, start-client-core, start-fn-stubs, start-plugin-core, start-server-core, start-static-server-functions, start-storage-context, valibot-adapter, virtual-file-routes, vue-router, vue-router-devtools, vue-router-ssr-query, vue-start, vue-start-client, vue-start-server, zod-adapter |
Advisories
| Source | ID | Title |
|---|---|---|
| Github GHSA | GHSA-g7cv-rxg3-hmpx | Malware in @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Tue, 12 May 2026 10:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Tanstack, Tanstack arktype-adapter, Tanstack eslint-plugin-router, Tanstack eslint-plugin-start, Tanstack history, Tanstack nitro-v2-vite-plugin, Tanstack outer-vite-plugin, Tanstack react-router, Tanstack react-router-devtools, Tanstack react-router-ssr-query, Tanstack react-start, Tanstack react-start-client, Tanstack react-start-rsc, Tanstack react-start-server, Tanstack router-cli, Tanstack router-core, Tanstack router-devtools, Tanstack router-devtools-core, Tanstack router-generator, Tanstack router-plugin, Tanstack router-ssr-query-core, Tanstack router-utils, Tanstack solid-router, Tanstack solid-router-devtools, Tanstack solid-router-ssr-query, Tanstack solid-start, Tanstack solid-start-client, Tanstack solid-start-server, Tanstack start-client-core, Tanstack start-fn-stubs, Tanstack start-plugin-core, Tanstack start-server-core, Tanstack start-static-server-functions, Tanstack start-storage-context, Tanstack valibot-adapter, Tanstack virtual-file-routes, Tanstack vue-router, Tanstack vue-router-devtools, Tanstack vue-router-ssr-query, Tanstack vue-start, Tanstack vue-start-client, Tanstack vue-start-server, Tanstack zod-adapter |
| Vendors & Products | | Tanstack, Tanstack arktype-adapter, Tanstack eslint-plugin-router, Tanstack eslint-plugin-start, Tanstack history, Tanstack nitro-v2-vite-plugin, Tanstack outer-vite-plugin, Tanstack react-router, Tanstack react-router-devtools, Tanstack react-router-ssr-query, Tanstack react-start, Tanstack react-start-client, Tanstack react-start-rsc, Tanstack react-start-server, Tanstack router-cli, Tanstack router-core, Tanstack router-devtools, Tanstack router-devtools-core, Tanstack router-generator, Tanstack router-plugin, Tanstack router-ssr-query-core, Tanstack router-utils, Tanstack solid-router, Tanstack solid-router-devtools, Tanstack solid-router-ssr-query, Tanstack solid-start, Tanstack solid-start-client, Tanstack solid-start-server, Tanstack start-client-core, Tanstack start-fn-stubs, Tanstack start-plugin-core, Tanstack start-server-core, Tanstack start-static-server-functions, Tanstack start-storage-context, Tanstack valibot-adapter, Tanstack virtual-file-routes, Tanstack vue-router, Tanstack vue-router-devtools, Tanstack vue-router-ssr-query, Tanstack vue-start, Tanstack vue-start-client, Tanstack vue-start-server, Tanstack zod-adapter |
Tue, 12 May 2026 01:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | | On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/* packages were published to the npm registry. The publishes were authenticated via the legitimate GitHub Actions OIDC trusted-publisher binding for TanStack/router, but the publish workflow itself was not modified. The attacker chained three known vulnerability classes — a pull_request_target "Pwn Request" misconfiguration, GitHub Actions cache poisoning across the fork↔base trust boundary, and runtime memory extraction of the OIDC token from the Actions runner process — to publish credential-stealing malware under a trusted identity. Each affected package received exactly two malicious versions, published a few minutes apart. |
| Title | | Malware in 42 @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys |
| Weaknesses | | CWE-506 |
| References | | |
| Metrics | | cvssV3_1 |
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-05-12T00:12:35.452Z
Reserved: 2026-05-11T20:50:30.539Z
Link: CVE-2026-45321
Status: Received
Published: 2026-05-12T01:16:46.820
Modified: 2026-05-12T01:16:46.820
Link: CVE-2026-45321
OpenCVE Enrichment
Updated: 2026-05-12T09:22:12Z