CVE 9.6 CRITICAL

Malware in 42 @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys (CVE-2026-45321)

9.6 / 10
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Description

On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/* packages were published to the npm registry. The publishes were authenticated via the legitimate GitHub Actions OIDC trusted-publisher binding for TanStack/router, but the publish workflow itself was not modified. The attacker chained three known vulnerability classes (a pull_request_target "Pwn Request" misconfiguration, GitHub Actions cache poisoning across the fork↔base trust boundary, and runtime memory extraction of the OIDC token from the Actions runner process) to publish credential-stealing malware under a trusted identity. Each affected package received exactly two malicious versions, published a few minutes apart.

Basic Information

ID CVE-2026-45321
Source GitHub_M
Published May 12, 2026 at 00:12

Affected Product

Vendor @tanstack
Product arktype-adapter
Version 1.166.12
Affected Versions (each package received two malicious versions)
@tanstack/arktype-adapter: 1.166.12, 1.166.15
@tanstack/eslint-plugin-router: 1.161.9, 1.161.12
@tanstack/eslint-plugin-start: 0.0.4, 0.0.7
@tanstack/history: 1.161.9, 1.161.12
@tanstack/nitro-v2-vite-plugin: 1.154.12, 1.154.15
@tanstack/react-router: 1.169.5, 1.169.8
@tanstack/react-router-devtools: 1.166.16, 1.166.19
@tanstack/react-router-ssr-query: 1.166.15, 1.166.18
@tanstack/react-start: 1.167.68, 1.167.71
@tanstack/react-start-client: 1.166.51, 1.166.54
@tanstack/react-start-rsc: 0.0.47, 0.0.50
@tanstack/react-start-server: 1.166.55, 1.166.58
@tanstack/router-cli: 1.166.46, 1.166.49
@tanstack/router-core: 1.169.5, 1.169.8
@tanstack/router-devtools: 1.166.16, 1.166.19
@tanstack/router-devtools-core: 1.167.6, 1.167.9
@tanstack/router-generator: 1.166.45, 1.166.48
@tanstack/router-plugin: 1.167.38, 1.167.41
@tanstack/router-ssr-query-core: 1.168.3, 1.168.6
@tanstack/router-utils: 1.161.11, 1.161.14
@tanstack/outer-vite-plugin: 1.166.53, 1.166.56
@tanstack/solid-router: 1.169.5, 1.169.8
@tanstack/solid-router-devtools: 1.166.16, 1.166.19
@tanstack/solid-router-ssr-query: 1.166.15, 1.166.18
@tanstack/solid-start: 1.167.65, 1.167.68
@tanstack/solid-start-client: 1.166.50, 1.166.53
@tanstack/solid-start-server: 1.166.54, 1.166.57
@tanstack/start-client-core: 1.168.5, 1.168.8
@tanstack/start-fn-stubs: 1.161.9, 1.161.12
@tanstack/start-plugin-core: 1.169.23, 1.169.26
@tanstack/start-server-core: 1.167.33, 1.167.36
@tanstack/start-static-server-functions: 1.166.44, 1.166.47
@tanstack/start-storage-context: 1.166.38, 1.166.41
@tanstack/valibot-adapter: 1.166.12, 1.166.15
@tanstack/virtual-file-routes: 1.161.10, 1.161.13
@tanstack/vue-router: 1.169.5, 1.169.8
@tanstack/vue-router-devtools: 1.166.16, 1.166.19
@tanstack/vue-router-ssr-query: 1.166.15, 1.166.18
@tanstack/vue-start: 1.167.61, 1.167.64
@tanstack/vue-start-client: 1.166.46, 1.166.49
@tanstack/vue-start-server: 1.166.50, 1.166.53
@tanstack/zod-adapter: 1.166.12, 1.166.15
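A defender-side check for the affected-version listing above, added here as an example and not part of this advisory or of the TanStack project: it parses entries written one per line as `@tanstack <name> <version>` into a deny set, then walks a package-lock.json (lockfileVersion 1, 2 or 3) and reports every malicious version installed anywhere in the tree, including transitive installs nested under other packages. The embedded excerpt is a constructed subset of the listing; paste the full 84 entries for a real run.

```python
import json

# Constructed excerpt of the advisory's affected versions, one per line as
# "<scope> <name> <version>". Replace with the full list from the advisory.
ADVISORY_EXCERPT = """\
@tanstack react-router 1.169.5
@tanstack react-router 1.169.8
@tanstack router-core 1.169.5
@tanstack router-core 1.169.8
@tanstack react-start 1.167.68
@tanstack react-start 1.167.71
"""


def parse_affected(text):
    """Map '@scope/name' -> set of malicious version strings."""
    affected = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip blank or malformed lines
        scope, name, version = parts
        affected.setdefault(f"{scope}/{name}", set()).add(version)
    return affected


def scan_lockfile(lock, affected):
    """Return [(package, version, lockfile_path)] for each malicious install.

    lockfileVersion 2/3 list every installed path under 'packages';
    lockfileVersion 1 nests them under 'dependencies'. Both enumerate the
    full tree, so transitive dependencies are covered.
    """
    hits = []
    if "packages" in lock:  # lockfileVersion 2 or 3
        for path, meta in lock["packages"].items():
            # "node_modules/a/node_modules/@tanstack/x" -> "@tanstack/x"
            name = path.rsplit("node_modules/", 1)[-1]
            if meta.get("version") in affected.get(name, ()):
                hits.append((name, meta["version"], path))
        return hits

    def walk(deps, prefix):  # lockfileVersion 1: recurse into nested deps
        for name, meta in deps.items():
            path = f"{prefix}node_modules/{name}"
            if meta.get("version") in affected.get(name, ()):
                hits.append((name, meta["version"], path))
            walk(meta.get("dependencies", {}), path + "/")

    walk(lock.get("dependencies", {}), "")
    return hits


def scan_file(path, affected=None):
    """Scan a package-lock.json on disk against the advisory's version set."""
    with open(path, encoding="utf-8") as fh:
        return scan_lockfile(json.load(fh), affected or parse_affected(ADVISORY_EXCERPT))
```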
