CVE-2026-45321
TanStack Unspecified Vulnerability
CVSS
—
Sin CVSS
EPSS
2.3%
p82
KEV
SÍ
27 may 2026
Exploit Today
75
0-100
Publicado: — · Última mod.: —
Producto
TanStack / TanStack
Vulnerabilidad
TanStack Unspecified Vulnerability
Añadido a KEV
27 may 2026
Remediar antes de
10 jun 2026
Uso conocido en ransomware
Sí
Descripción resumida
TanStack contains an unspecified vulnerability that allowed malicious versions of the product to be published to the npm registry to publish credential-stealing malware under a trusted identity.
Acción requerida
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Notas
This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/TanStack/router/security/advisories/GHSA-g7cv-rxg3-hmpx ; https://nvd.nist.gov/vuln/detail/CVE-2026-45321
Sin CVEs relacionados por CWE o producto.