diff --git a/pkg/analyzer/data/blacklist.json b/pkg/analyzer/data/blacklist.json index b9b409d..f0b6442 100644 --- a/pkg/analyzer/data/blacklist.json +++ b/pkg/analyzer/data/blacklist.json @@ -1,19 +1,2027 @@ [ + { + "id": "MINI-SHAI-HULUD-2026-05-11", + "component": "guardrails-ai", + "ecosystem": "PyPI", + "affected_versions": [ + "0.10.1" + ], + "action": "BLOCK", + "severity": "CRITICAL", + "reason": "Mini Shai-Hulud supply-chain compromise: compromised PyPI release downloads a remote Python artifact and executes it without integrity verification.", + "link": "https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack" + }, + { + "id": "CVE-2026-33017", + "component": "langflow", + "ecosystem": "PyPI", + "affected_versions": [ + "< 1.9.0" + ], + "action": "BLOCK", + "severity": "CRITICAL", + "reason": "Unauthenticated RCE (CVSS 9.8): POST /api/v1/build_public_tmp/{flow_id}/flow accepts attacker-controlled flow data and passes arbitrary Python code directly to exec() with no sandboxing. Fixed in 1.9.0.", + "link": "https://github.com/advisories/GHSA-rvqx-wpfh-mfx7" + }, { "id": "SNYK-PYTHON-LITELLM-15762713", "component": "litellm", "ecosystem": "PyPI", - "affected_versions": ["1.82.7", "1.82.8"], + "affected_versions": [ + "1.82.7", + "1.82.8" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "TeamPCP supply chain attack: malicious .pth file steals SSH keys, AWS/K8s credentials and .env files on every Python startup, then establishes systemd persistence and attempts Kubernetes lateral movement.", "link": "https://security.snyk.io/vuln/SNYK-PYTHON-LITELLM-15762713" }, + { + "id": "MINI-SHAI-HULUD-2026-05-11", + "component": "mistralai", + "ecosystem": "PyPI", + "affected_versions": [ + "2.4.6" + ], + "action": "BLOCK", + "severity": "CRITICAL", + "reason": "Mini Shai-Hulud supply-chain compromise: compromised PyPI release reportedly downloads and executes a secondary payload on Linux systems and targets developer credentials.", + "link": "https://thehackernews.com/2026/05/tanstack-supply-chain-attack-hits-two.html" + }, + { + "id": "CVE-2026-47211", + "component": "ouroboros-ai", + "ecosystem": "PyPI", + "affected_versions": [ + "0.1.0", + "0.1.0a1", + "0.1.1", + "0.10.0", + "0.11.0", + "0.11.1", + "0.12.0", + "0.12.1", + "0.12.2", + "0.13.0", + "0.13.1", + "0.13.2", + "0.13.3", + "0.13.4", + "0.13.5", + "0.13.6", + "0.13.7", + "0.14.0", + "0.14.1", + "0.15.0", + "0.16.0", + "0.17.0", + "0.18.0", + "0.18.1", + "0.19.0", + "0.19.1", + "0.2.0", + "0.2.1", + "0.2.2", + "0.2.3", + "0.20.0", + "0.21.0", + "0.21.1", + "0.22.0", + "0.23.0", + "0.23.1", + "0.23.2", + "0.24.0", + "0.25.0", + "0.25.1", + "0.25.2", + "0.25.2.dev2", + "0.25.2.dev3", + "0.25.2.dev4", + "0.25.2.dev78", + "0.25.2.dev79", + "0.25.3.dev1", + "0.25.3.dev2", + "0.25.3.dev3", + "0.25.3.dev87", + "0.25.3.dev88", + "0.25.3.dev89", + "0.25.3.dev90", + "0.25.3.dev91", + "0.25.3.dev93", + "0.25.3.dev94", + "0.25.3.dev95", + "0.25.3.dev96", + "0.25.3.dev97", + "0.25.3.dev98", + "0.26.0", + "0.26.0b1", + "0.26.0b2", + "0.26.0b3", + "0.26.0b4", + "0.26.0b5", + "0.26.0b5.dev1", + "0.26.0b5.dev2", + "0.26.0b5.dev3", + "0.26.0b5.dev6", + "0.26.0b6.dev1", + "0.26.0b7", + "0.26.0b7.dev0", + "0.26.0b8.dev1", + "0.26.1", + "0.26.1.dev1", + "0.26.1.dev2", + "0.26.1.dev3", + "0.26.1.dev6", + "0.26.2", + "0.26.2.dev21", + "0.26.2.dev26", + "0.26.2.dev28", + "0.26.2.dev29", + "0.26.2.dev32", + "0.26.2.dev33", + "0.26.2.dev34", + "0.26.2.dev35", + "0.26.2.dev36", + "0.26.2.dev37", + "0.26.2.dev38", + "0.26.3", + "0.26.3.dev1", + "0.26.3.dev2", + "0.26.3.dev3", + "0.26.4", + "0.26.4.dev1", + "0.26.5", + "0.26.5.dev1", + "0.26.5.dev10", + "0.26.5.dev11", + "0.26.5.dev2", + "0.26.5.dev3", + "0.26.5.dev4", + "0.26.5.dev5", + "0.26.5.dev6", + "0.26.5.dev7", + "0.26.5.dev8", + "0.26.5.dev9", + "0.26.6", + "0.26.6.dev1", + "0.26.6.dev2", + "0.26.7.dev1", + "0.26.7.dev2", + "0.26.7.dev3", + "0.26.7.dev4", + "0.26.7.dev5", + "0.26.7.dev6", + "0.26.7.dev7", + "0.27.0", + "0.27.1", + "0.27.1.dev1", + "0.27.1.dev10", + "0.27.1.dev2", + "0.27.1.dev3", + "0.27.1.dev4", + "0.27.1.dev5", + "0.27.1.dev6", + "0.27.1.dev7", + "0.27.1.dev8", + "0.27.1.dev9", + "0.27.2", + "0.27.2.dev1", + "0.27.2.dev2", + "0.27.3.dev1", + "0.27.3.dev2", + "0.27.3.dev3", + "0.27.3.dev4", + "0.27.3.dev5", + "0.27.3.dev6", + "0.27.3.dev7", + "0.27.3.dev8", + "0.28.0", + "0.28.1", + "0.28.1.dev1", + "0.28.1.dev2", + "0.28.1.dev3", + "0.28.1.dev4", + "0.28.1.dev5", + "0.28.2", + "0.28.2.dev1", + "0.28.2.dev2", + "0.28.2.dev3", + "0.28.3", + "0.28.3.dev1", + "0.28.3.dev2", + "0.28.3.dev3", + "0.28.3.dev4", + "0.28.3.dev5", + "0.28.3.dev6", + "0.28.3.dev7", + "0.28.3.dev8", + "0.28.4", + "0.28.4.dev1", + "0.28.4.dev2", + "0.28.5", + "0.28.5.dev1", + "0.28.5.dev6", + "0.28.5.dev9", + "0.28.6", + "0.28.6.dev2", + "0.28.6.dev3", + "0.28.6.dev4", + "0.28.6.dev5", + "0.28.6.dev6", + "0.28.6.dev7", + "0.28.6.dev8", + "0.28.6.dev9", + "0.28.7", + "0.28.7.dev13", + "0.28.7.dev15", + "0.28.7.dev17", + "0.28.7.dev21", + "0.28.7.dev22", + "0.28.7.dev25", + "0.28.7.dev26", + "0.28.7.dev27", + "0.28.7.dev28", + "0.28.7.dev29", + "0.28.7.dev34", + "0.28.7.dev37", + "0.28.7.dev39", + "0.28.7.dev4", + "0.28.7.dev40", + "0.28.7.dev6", + "0.28.7.dev7", + "0.28.7.dev8", + "0.28.7.dev9", + "0.28.8", + "0.28.8.dev1", + "0.28.8.dev12", + "0.28.8.dev13", + "0.28.8.dev14", + "0.28.8.dev15", + "0.28.8.dev4", + "0.28.8.dev7", + "0.28.8.dev9", + "0.28.9.dev26", + "0.28.9.dev31", + "0.28.9.dev33", + "0.28.9.dev36", + "0.28.9.dev79", + "0.29.0", + "0.29.1", + "0.29.1.dev1", + "0.29.1.dev4", + "0.29.1.dev8", + "0.29.1.dev9", + "0.29.2", + "0.29.2.dev1", + "0.29.2.dev2", + "0.29.2.dev3", + "0.29.3.dev23", + "0.29.3.dev27", + "0.29.3.dev29", + "0.29.3.dev32", + "0.29.3.dev34", + "0.29.3.dev37", + "0.29.3.dev38", + "0.29.3.dev49", + "0.29.3.dev5", + "0.29.3.dev50", + "0.29.3.dev6", + "0.3.0", + "0.30.0", + "0.30.1.dev11", + "0.30.1.dev13", + "0.30.1.dev4", + "0.30.1.dev5", + "0.30.1.dev7", + "0.31.0", + "0.31.1", + "0.31.1.dev1", + "0.31.1.dev19", + "0.31.1.dev2", + "0.31.1.dev3", + "0.31.1.dev4", + "0.31.1.dev5", + "0.31.1.dev6", + "0.31.1.dev9", + "0.31.2.dev11", + "0.31.2.dev12", + "0.31.2.dev13", + "0.31.2.dev14", + "0.31.2.dev15", + "0.31.2.dev16", + "0.31.2.dev17", + "0.31.2.dev18", + "0.31.2.dev19", + "0.31.2.dev20", + "0.31.2.dev21", + "0.31.2.dev22", + "0.31.2.dev23", + "0.31.2.dev24", + "0.31.2.dev25", + "0.31.2.dev26", + "0.31.2.dev27", + "0.31.2.dev28", + "0.31.2.dev29", + "0.31.2.dev31", + "0.31.2.dev36", + "0.31.2.dev39", + "0.32.0", + "0.32.1.dev1", + "0.32.1.dev109", + "0.32.1.dev113", + "0.32.1.dev12", + "0.32.1.dev17", + "0.32.1.dev2", + "0.32.1.dev24", + "0.32.1.dev25", + "0.32.1.dev26", + "0.32.1.dev27", + "0.32.1.dev28", + "0.32.1.dev29", + "0.32.1.dev30", + "0.32.1.dev31", + "0.32.1.dev32", + "0.32.1.dev52", + "0.32.1.dev63", + "0.32.1.dev64", + "0.32.1.dev66", + "0.32.1.dev75", + "0.32.1.dev78", + "0.33.0", + "0.33.1.dev1", + "0.33.1.dev123", + "0.33.1.dev125", + "0.33.1.dev129", + "0.33.1.dev132", + "0.33.1.dev133", + "0.33.1.dev134", + "0.33.1.dev19", + "0.33.1.dev20", + "0.33.1.dev25", + "0.33.1.dev30", + "0.33.1.dev31", + "0.33.1.dev32", + "0.33.1.dev33", + "0.33.1.dev36", + "0.33.1.dev42", + "0.33.1.dev48", + "0.33.1.dev50", + "0.33.1.dev54", + "0.33.1.dev55", + "0.33.1.dev56", + "0.33.1.dev57", + "0.33.1.dev58", + "0.33.1.dev59", + "0.33.1.dev6", + "0.33.1.dev60", + "0.33.1.dev61", + "0.33.1.dev64", + "0.33.1.dev65", + "0.33.1.dev66", + "0.33.1.dev68", + "0.33.1.dev7", + "0.33.1.dev73", + "0.33.1.dev76", + "0.33.1.dev85", + "0.33.1.dev92", + "0.33.1.dev96", + "0.34.0", + "0.34.1.dev1", + "0.34.1.dev10", + "0.34.1.dev11", + "0.34.1.dev12", + "0.34.1.dev2", + "0.34.1.dev3", + "0.34.1.dev4", + "0.34.1.dev5", + "0.34.1.dev8", + "0.34.1.dev9", + "0.35.0", + "0.35.1.dev1", + "0.35.1.dev10", + "0.35.1.dev11", + "0.35.1.dev12", + "0.35.1.dev13", + "0.35.1.dev14", + "0.35.1.dev15", + "0.35.1.dev16", + "0.35.1.dev17", + "0.35.1.dev18", + "0.35.1.dev19", + "0.35.1.dev2", + "0.35.1.dev20", + "0.35.1.dev21", + "0.35.1.dev22", + "0.35.1.dev23", + "0.35.1.dev24", + "0.35.1.dev25", + "0.35.1.dev26", + "0.35.1.dev27", + "0.35.1.dev28", + "0.35.1.dev3", + "0.35.1.dev32", + "0.35.1.dev33", + "0.35.1.dev4", + "0.35.1.dev5", + "0.35.1.dev6", + "0.35.1.dev7", + "0.35.1.dev8", + "0.35.1.dev9", + "0.36.0", + "0.36.1.dev1", + "0.36.1.dev10", + "0.36.1.dev11", + "0.36.1.dev12", + "0.36.1.dev13", + "0.36.1.dev14", + "0.36.1.dev15", + "0.36.1.dev16", + "0.36.1.dev17", + "0.36.1.dev18", + "0.36.1.dev19", + "0.36.1.dev2", + "0.36.1.dev20", + "0.36.1.dev21", + "0.36.1.dev22", + "0.36.1.dev23", + "0.36.1.dev24", + "0.36.1.dev25", + "0.36.1.dev26", + "0.36.1.dev27", + "0.36.1.dev28", + "0.36.1.dev29", + "0.36.1.dev3", + "0.36.1.dev30", + "0.36.1.dev31", + "0.36.1.dev32", + "0.36.1.dev33", + "0.36.1.dev34", + "0.36.1.dev36", + "0.36.1.dev4", + "0.36.1.dev41", + "0.36.1.dev49", + "0.36.1.dev5", + "0.36.1.dev50", + "0.36.1.dev51", + "0.36.1.dev52", + "0.36.1.dev53", + "0.36.1.dev54", + "0.36.1.dev55", + "0.36.1.dev56", + "0.36.1.dev57", + "0.36.1.dev58", + "0.36.1.dev59", + "0.36.1.dev6", + "0.36.1.dev60", + "0.36.1.dev61", + "0.36.1.dev62", + "0.36.1.dev63", + "0.36.1.dev64", + "0.36.1.dev65", + "0.36.1.dev66", + "0.36.1.dev67", + "0.36.1.dev68", + "0.36.1.dev69", + "0.36.1.dev7", + "0.36.1.dev70", + "0.36.1.dev71", + "0.36.1.dev8", + "0.36.1.dev9", + "0.37.0", + "0.37.1.dev1", + "0.37.1.dev10", + "0.37.1.dev11", + "0.37.1.dev12", + "0.37.1.dev13", + "0.37.1.dev14", + "0.37.1.dev15", + "0.37.1.dev16", + "0.37.1.dev17", + "0.37.1.dev18", + "0.37.1.dev19", + "0.37.1.dev2", + "0.37.1.dev20", + "0.37.1.dev21", + "0.37.1.dev22", + "0.37.1.dev23", + "0.37.1.dev24", + "0.37.1.dev25", + "0.37.1.dev26", + "0.37.1.dev27", + "0.37.1.dev28", + "0.37.1.dev29", + "0.37.1.dev3", + "0.37.1.dev30", + "0.37.1.dev31", + "0.37.1.dev32", + "0.37.1.dev33", + "0.37.1.dev34", + "0.37.1.dev35", + "0.37.1.dev36", + "0.37.1.dev37", + "0.37.1.dev38", + "0.37.1.dev39", + "0.37.1.dev4", + "0.37.1.dev40", + "0.37.1.dev5", + "0.37.1.dev50", + "0.37.1.dev51", + "0.37.1.dev6", + "0.37.1.dev7", + "0.37.1.dev8", + "0.37.1.dev9", + "0.38.0", + "0.38.1", + "0.38.1.dev1", + "0.38.1.dev2", + "0.38.1.dev3", + "0.38.1.dev4", + "0.38.2", + "0.38.2.dev3", + "0.38.3.dev1", + "0.38.3.dev10", + "0.38.3.dev100", + "0.38.3.dev101", + "0.38.3.dev102", + "0.38.3.dev103", + "0.38.3.dev104", + "0.38.3.dev105", + "0.38.3.dev106", + "0.38.3.dev107", + "0.38.3.dev108", + "0.38.3.dev109", + "0.38.3.dev11", + "0.38.3.dev110", + "0.38.3.dev111", + "0.38.3.dev112", + "0.38.3.dev113", + "0.38.3.dev114", + "0.38.3.dev115", + "0.38.3.dev116", + "0.38.3.dev117", + "0.38.3.dev118", + "0.38.3.dev119", + "0.38.3.dev12", + "0.38.3.dev120", + "0.38.3.dev121", + "0.38.3.dev122", + "0.38.3.dev123", + "0.38.3.dev124", + "0.38.3.dev125", + "0.38.3.dev126", + "0.38.3.dev127", + "0.38.3.dev128", + "0.38.3.dev129", + "0.38.3.dev13", + "0.38.3.dev130", + "0.38.3.dev131", + "0.38.3.dev132", + "0.38.3.dev133", + "0.38.3.dev134", + "0.38.3.dev135", + "0.38.3.dev136", + "0.38.3.dev137", + "0.38.3.dev138", + "0.38.3.dev139", + "0.38.3.dev14", + "0.38.3.dev140", + "0.38.3.dev141", + "0.38.3.dev142", + "0.38.3.dev143", + "0.38.3.dev144", + "0.38.3.dev145", + "0.38.3.dev146", + "0.38.3.dev147", + "0.38.3.dev148", + "0.38.3.dev149", + "0.38.3.dev15", + "0.38.3.dev150", + "0.38.3.dev151", + "0.38.3.dev152", + "0.38.3.dev153", + "0.38.3.dev154", + "0.38.3.dev155", + "0.38.3.dev156", + "0.38.3.dev157", + "0.38.3.dev158", + "0.38.3.dev159", + "0.38.3.dev16", + "0.38.3.dev160", + "0.38.3.dev161", + "0.38.3.dev162", + "0.38.3.dev163", + "0.38.3.dev164", + "0.38.3.dev165", + "0.38.3.dev166", + "0.38.3.dev17", + "0.38.3.dev18", + "0.38.3.dev19", + "0.38.3.dev2", + "0.38.3.dev20", + "0.38.3.dev21", + "0.38.3.dev22", + "0.38.3.dev23", + "0.38.3.dev24", + "0.38.3.dev25", + "0.38.3.dev26", + "0.38.3.dev27", + "0.38.3.dev28", + "0.38.3.dev29", + "0.38.3.dev3", + "0.38.3.dev30", + "0.38.3.dev31", + "0.38.3.dev33", + "0.38.3.dev4", + "0.38.3.dev41", + "0.38.3.dev43", + "0.38.3.dev44", + "0.38.3.dev45", + "0.38.3.dev46", + "0.38.3.dev47", + "0.38.3.dev48", + "0.38.3.dev49", + "0.38.3.dev5", + "0.38.3.dev50", + "0.38.3.dev51", + "0.38.3.dev52", + "0.38.3.dev53", + "0.38.3.dev54", + "0.38.3.dev55", + "0.38.3.dev56", + "0.38.3.dev57", + "0.38.3.dev6", + "0.38.3.dev60", + "0.38.3.dev66", + "0.38.3.dev7", + "0.38.3.dev76", + "0.38.3.dev8", + "0.38.3.dev86", + "0.38.3.dev89", + "0.38.3.dev9", + "0.38.3.dev91", + "0.38.3.dev93", + "0.38.3.dev94", + "0.38.3.dev98", + "0.38.3.dev99", + "0.4.0", + "0.4.1", + "0.5.0", + "0.5.1", + "0.6.0", + "0.7.0", + "0.8.0", + "0.9.0" + ], + "action": "BLOCK", + "severity": "HIGH", + "reason": "ouroboros-ai Vulnerable to Remote Code Execution via Untrusted Project-Directory .env", + "link": "https://osv.dev/vulnerability/GHSA-c4m7-2gwp-vw76" + }, + { + "id": "CVE-2026-47392", + "component": "praisonai", + "ecosystem": "PyPI", + "affected_versions": [ + "0.0.1", + "0.0.10", + "0.0.11", + "0.0.12", + "0.0.13", + "0.0.14", + "0.0.15", + "0.0.16", + "0.0.17", + "0.0.18", + "0.0.19", + "0.0.2", + "0.0.20", + "0.0.21", + "0.0.22", + "0.0.23", + "0.0.24", + "0.0.25", + "0.0.26", + "0.0.27", + "0.0.28", + "0.0.29", + "0.0.3", + "0.0.30", + "0.0.31", + "0.0.32", + "0.0.33", + "0.0.34", + "0.0.35", + "0.0.36", + "0.0.37", + "0.0.38", + "0.0.39", + "0.0.4", + "0.0.40", + "0.0.41", + "0.0.42", + "0.0.43", + "0.0.44", + "0.0.45", + "0.0.46", + "0.0.47", + "0.0.48", + "0.0.49", + "0.0.5", + "0.0.50", + "0.0.52", + "0.0.53", + "0.0.54", + "0.0.55", + "0.0.56", + "0.0.57", + "0.0.58", + "0.0.59", + "0.0.59rc11", + "0.0.59rc2", + "0.0.59rc3", + "0.0.59rc5", + "0.0.59rc6", + "0.0.59rc7", + "0.0.59rc8", + "0.0.59rc9", + "0.0.6", + "0.0.61", + "0.0.64", + "0.0.65", + "0.0.66", + "0.0.67", + "0.0.68", + "0.0.69", + "0.0.7", + "0.0.70", + "0.0.71", + "0.0.72", + "0.0.73", + "0.0.74", + "0.0.8", + "0.0.9", + "0.1.0", + "0.1.1", + "0.1.10", + "0.1.2", + "0.1.3", + "0.1.4", + "0.1.5", + "0.1.6", + "0.1.7", + "0.1.8", + "0.1.9", + "1.0.0", + "1.0.1", + "1.0.10", + "1.0.11", + "1.0.2", + "1.0.3", + "1.0.4", + "1.0.5", + "1.0.6", + "1.0.8", + "1.0.9", + "2.0.0", + "2.0.1", + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.2", + "2.0.20", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.3", + "2.0.30", + "2.0.31", + "2.0.32", + "2.0.33", + "2.0.34", + "2.0.35", + "2.0.36", + "2.0.37", + "2.0.38", + "2.0.39", + "2.0.40", + "2.0.41", + "2.0.42", + "2.0.43", + "2.0.44", + "2.0.45", + "2.0.46", + "2.0.47", + "2.0.48", + "2.0.49", + "2.0.5", + "2.0.50", + "2.0.51", + "2.0.53", + "2.0.54", + "2.0.55", + "2.0.56", + "2.0.57", + "2.0.58", + "2.0.59", + "2.0.6", + "2.0.60", + "2.0.61", + "2.0.62", + "2.0.63", + "2.0.64", + "2.0.65", + "2.0.66", + "2.0.67", + "2.0.68", + "2.0.69", + "2.0.7", + "2.0.70", + "2.0.71", + "2.0.72", + "2.0.73", + "2.0.74", + "2.0.75", + "2.0.76", + "2.0.77", + "2.0.78", + "2.0.79", + "2.0.8", + "2.0.80", + "2.0.81", + "2.0.9", + "2.1.0", + "2.1.1", + "2.1.4", + "2.1.5", + "2.1.6", + "2.2.1", + "2.2.10", + "2.2.11", + "2.2.12", + "2.2.13", + "2.2.14", + "2.2.15", + "2.2.16", + "2.2.17", + "2.2.18", + "2.2.19", + "2.2.2", + "2.2.20", + "2.2.21", + "2.2.22", + "2.2.24", + "2.2.25", + "2.2.26", + "2.2.27", + "2.2.28", + "2.2.29", + "2.2.3", + "2.2.30", + "2.2.31", + "2.2.32", + "2.2.33", + "2.2.34", + "2.2.35", + "2.2.36", + "2.2.37", + "2.2.38", + "2.2.39", + "2.2.4", + "2.2.40", + "2.2.41", + "2.2.42", + "2.2.43", + "2.2.44", + "2.2.45", + "2.2.46", + "2.2.47", + "2.2.48", + "2.2.49", + "2.2.5", + "2.2.50", + "2.2.51", + "2.2.52", + "2.2.53", + "2.2.54", + "2.2.55", + "2.2.56", + "2.2.57", + "2.2.58", + "2.2.59", + "2.2.6", + "2.2.60", + "2.2.61", + "2.2.62", + "2.2.63", + "2.2.64", + "2.2.65", + "2.2.66", + "2.2.67", + "2.2.68", + "2.2.69", + "2.2.7", + "2.2.70", + "2.2.71", + "2.2.72", + "2.2.73", + "2.2.74", + "2.2.75", + "2.2.76", + "2.2.77", + "2.2.78", + "2.2.79", + "2.2.8", + "2.2.80", + "2.2.81", + "2.2.82", + "2.2.83", + "2.2.84", + "2.2.86", + "2.2.87", + "2.2.88", + "2.2.89", + "2.2.9", + "2.2.90", + "2.2.91", + "2.2.93", + "2.2.95", + "2.2.96", + "2.2.97", + "2.2.98", + "2.2.99", + "2.3.0", + "2.3.1", + "2.3.10", + "2.3.11", + "2.3.12", + "2.3.13", + "2.3.14", + "2.3.15", + "2.3.16", + "2.3.18", + "2.3.19", + "2.3.2", + "2.3.20", + "2.3.21", + "2.3.22", + "2.3.23", + "2.3.24", + "2.3.25", + "2.3.26", + "2.3.27", + "2.3.28", + "2.3.29", + "2.3.3", + "2.3.30", + "2.3.31", + "2.3.32", + "2.3.33", + "2.3.34", + "2.3.35", + "2.3.36", + "2.3.37", + "2.3.38", + "2.3.39", + "2.3.4", + "2.3.40", + "2.3.41", + "2.3.42", + "2.3.43", + "2.3.44", + "2.3.45", + "2.3.46", + "2.3.47", + "2.3.48", + "2.3.49", + "2.3.5", + "2.3.50", + "2.3.51", + "2.3.52", + "2.3.53", + "2.3.54", + "2.3.55", + "2.3.56", + "2.3.57", + "2.3.58", + "2.3.59", + "2.3.6", + "2.3.60", + "2.3.61", + "2.3.62", + "2.3.63", + "2.3.64", + "2.3.65", + "2.3.66", + "2.3.67", + "2.3.68", + "2.3.69", + "2.3.7", + "2.3.70", + "2.3.71", + "2.3.72", + "2.3.73", + "2.3.74", + "2.3.75", + "2.3.76", + "2.3.77", + "2.3.78", + "2.3.79", + "2.3.8", + "2.3.80", + "2.3.81", + "2.3.82", + "2.3.83", + "2.3.84", + "2.3.85", + "2.3.86", + "2.3.87", + "2.3.9", + "2.4.0", + "2.4.1", + "2.4.2", + "2.4.3", + "2.4.4", + "2.5.0", + "2.5.1", + "2.5.2", + "2.5.3", + "2.5.4", + "2.5.5", + "2.5.6", + "2.5.7", + "2.6.0", + "2.6.1", + "2.6.2", + "2.6.3", + "2.6.4", + "2.6.5", + "2.6.6", + "2.6.7", + "2.6.8", + "2.7.0", + "2.8.3", + "2.8.4", + "2.8.5", + "2.8.6", + "2.8.7", + "2.8.8", + "2.8.9", + "2.9.0", + "2.9.1", + "2.9.2", + "3.0.0", + "3.0.1", + "3.0.2", + "3.0.3", + "3.0.4", + "3.0.5", + "3.0.6", + "3.0.7", + "3.0.8", + "3.0.9", + "3.1.0", + "3.1.1", + "3.1.2", + "3.1.3", + "3.1.4", + "3.1.5", + "3.1.6", + "3.1.7", + "3.1.8", + "3.1.9", + "3.10.0", + "3.10.1", + "3.10.10", + "3.10.11", + "3.10.12", + "3.10.13", + "3.10.14", + "3.10.15", + "3.10.16", + "3.10.17", + "3.10.18", + "3.10.19", + "3.10.2", + "3.10.20", + "3.10.21", + "3.10.22", + "3.10.23", + "3.10.24", + "3.10.25", + "3.10.26", + "3.10.27", + "3.10.3", + "3.10.4", + "3.10.5", + "3.10.6", + "3.10.7", + "3.10.8", + "3.10.9", + "3.11.0", + "3.11.1", + "3.11.10", + "3.11.11", + "3.11.12", + "3.11.13", + "3.11.14", + "3.11.2", + "3.11.3", + "3.11.4", + "3.11.8", + "3.11.9", + "3.12.0", + "3.12.1", + "3.12.2", + "3.12.3", + "3.2.0", + "3.2.1", + "3.3.0", + "3.3.1", + "3.4.0", + "3.4.1", + "3.5.0", + "3.5.1", + "3.5.2", + "3.5.3", + "3.5.4", + "3.5.5", + "3.5.6", + "3.5.7", + "3.5.8", + "3.5.9", + "3.6.0", + "3.6.1", + "3.6.2", + "3.7.0", + "3.7.1", + "3.7.2", + "3.7.3", + "3.7.4", + "3.7.5", + "3.7.6", + "3.7.7", + "3.7.8", + "3.7.9", + "3.8.0", + "3.8.1", + "3.8.10", + "3.8.11", + "3.8.12", + "3.8.13", + "3.8.14", + "3.8.16", + "3.8.17", + "3.8.18", + "3.8.19", + "3.8.2", + "3.8.20", + "3.8.21", + "3.8.22", + "3.8.3", + "3.8.4", + "3.8.5", + "3.8.6", + "3.8.7", + "3.8.8", + "3.8.9", + "3.9.0", + "3.9.1", + "3.9.10", + "3.9.11", + "3.9.12", + "3.9.13", + "3.9.14", + "3.9.15", + "3.9.16", + "3.9.17", + "3.9.18", + "3.9.19", + "3.9.2", + "3.9.20", + "3.9.21", + "3.9.22", + "3.9.23", + "3.9.24", + "3.9.25", + "3.9.26", + "3.9.27", + "3.9.28", + "3.9.29", + "3.9.3", + "3.9.30", + "3.9.31", + "3.9.32", + "3.9.33", + "3.9.34", + "3.9.35", + "3.9.4", + "3.9.5", + "3.9.6", + "3.9.7", + "3.9.8", + "3.9.9", + "4.0.0", + "4.1.0", + "4.2.0", + "4.2.1", + "4.2.2", + "4.2.3", + "4.2.4", + "4.3.0", + "4.3.1", + "4.4.0", + "4.4.10", + "4.4.11", + "4.4.12", + "4.4.2", + "4.4.3", + "4.4.4", + "4.4.5", + "4.4.6", + "4.4.7", + "4.4.8", + "4.4.9", + "4.5.0", + "4.5.1", + "4.5.10", + "4.5.100", + "4.5.101", + "4.5.102", + "4.5.103", + "4.5.104", + "4.5.105", + "4.5.106", + "4.5.107", + "4.5.108", + "4.5.109", + "4.5.11", + "4.5.110", + "4.5.111", + "4.5.112", + "4.5.113", + "4.5.114", + "4.5.115", + "4.5.117", + "4.5.118", + "4.5.119", + "4.5.12", + "4.5.120", + "4.5.121", + "4.5.122", + "4.5.123", + "4.5.124", + "4.5.125", + "4.5.126", + "4.5.127", + "4.5.128", + "4.5.129", + "4.5.13", + "4.5.130", + "4.5.131", + "4.5.132", + "4.5.133", + "4.5.134", + "4.5.135", + "4.5.136", + "4.5.137", + "4.5.139", + "4.5.14", + "4.5.140", + "4.5.143", + "4.5.144", + "4.5.145", + "4.5.149", + "4.5.15", + "4.5.16", + "4.5.18", + "4.5.19", + "4.5.2", + "4.5.20", + "4.5.21", + "4.5.22", + "4.5.23", + "4.5.24", + "4.5.25", + "4.5.26", + "4.5.27", + "4.5.28", + "4.5.29", + "4.5.3", + "4.5.30", + "4.5.31", + "4.5.32", + "4.5.33", + "4.5.34", + "4.5.35", + "4.5.36", + "4.5.37", + "4.5.38", + "4.5.39", + "4.5.40", + "4.5.41", + "4.5.42", + "4.5.43", + "4.5.44", + "4.5.45", + "4.5.46", + "4.5.48", + "4.5.49", + "4.5.5", + "4.5.51", + "4.5.52", + "4.5.54", + "4.5.55", + "4.5.56", + "4.5.57", + "4.5.58", + "4.5.59", + "4.5.6", + "4.5.60", + "4.5.62", + "4.5.63", + "4.5.64", + "4.5.65", + "4.5.67", + "4.5.68", + "4.5.69", + "4.5.7", + "4.5.70", + "4.5.71", + "4.5.72", + "4.5.73", + "4.5.74", + "4.5.76", + "4.5.77", + "4.5.78", + "4.5.79", + "4.5.8", + "4.5.80", + "4.5.81", + "4.5.82", + "4.5.83", + "4.5.85", + "4.5.87", + "4.5.88", + "4.5.89", + "4.5.9", + "4.5.90", + "4.5.93", + "4.5.94", + "4.5.95", + "4.5.96", + "4.5.97", + "4.5.98", + "4.6.10", + "4.6.11", + "4.6.12", + "4.6.13", + "4.6.14", + "4.6.15", + "4.6.16", + "4.6.18", + "4.6.19", + "4.6.20", + "4.6.21", + "4.6.22", + "4.6.23", + "4.6.24", + "4.6.25", + "4.6.26", + "4.6.27", + "4.6.28", + "4.6.29", + "4.6.30", + "4.6.31", + "4.6.32", + "4.6.33", + "4.6.34", + "4.6.35", + "4.6.36", + "4.6.37", + "4.6.38", + "4.6.39", + "4.6.9" + ], + "action": "BLOCK", + "severity": "CRITICAL", + "reason": "PraisonAI vulnerable to sandbox escape via `print.__self__` builtins module leak in `execute_code` (subprocess mode)", + "link": "https://osv.dev/vulnerability/GHSA-4mr5-g6f9-cfrh" + }, + { + "id": "CVE-2026-47410", + "component": "praisonai-platform", + "ecosystem": "PyPI", + "affected_versions": [ + "0.1.0", + "0.1.1", + "0.1.2", + "0.1.3" + ], + "action": "BLOCK", + "severity": "CRITICAL", + "reason": "praisonai-platform: JWT signing key defaults to hardcoded \"dev-secret-change-me\", allowing token forgery for any user when PLATFORM_ENV is unset", + "link": "https://osv.dev/vulnerability/GHSA-3qg8-5g3r-79v5" + }, + { + "id": "CVE-2026-47392", + "component": "praisonaiagents", + "ecosystem": "PyPI", + "affected_versions": [ + "0.0.1", + "0.0.10", + "0.0.100", + "0.0.101", + "0.0.102", + "0.0.103", + "0.0.104", + "0.0.105", + "0.0.106", + "0.0.107", + "0.0.108", + "0.0.109", + "0.0.11", + "0.0.110", + "0.0.111", + "0.0.112", + "0.0.113", + "0.0.114", + "0.0.115", + "0.0.116", + "0.0.117", + "0.0.118", + "0.0.119", + "0.0.12", + "0.0.120", + "0.0.121", + "0.0.122", + "0.0.123", + "0.0.124", + "0.0.125", + "0.0.126", + "0.0.127", + "0.0.128", + "0.0.129", + "0.0.13", + "0.0.130", + "0.0.131", + "0.0.132", + "0.0.133", + "0.0.134", + "0.0.135", + "0.0.136", + "0.0.137", + "0.0.138", + "0.0.139", + "0.0.14", + "0.0.140", + "0.0.141", + "0.0.142", + "0.0.143", + "0.0.144", + "0.0.145", + "0.0.146", + "0.0.147", + "0.0.148", + "0.0.149", + "0.0.15", + "0.0.150", + "0.0.151", + "0.0.152", + "0.0.153", + "0.0.154", + "0.0.155", + "0.0.156", + "0.0.157", + "0.0.158", + "0.0.159", + "0.0.16", + "0.0.160", + "0.0.161", + "0.0.162", + "0.0.163", + "0.0.164", + "0.0.165", + "0.0.166", + "0.0.167", + "0.0.168", + "0.0.169", + "0.0.17", + "0.0.170", + "0.0.171", + "0.0.172", + "0.0.173", + "0.0.174", + "0.0.175", + "0.0.176", + "0.0.177", + "0.0.178", + "0.0.179", + "0.0.18", + "0.0.180", + "0.0.181", + "0.0.182", + "0.0.183", + "0.0.184", + "0.0.185", + "0.0.187", + "0.0.188", + "0.0.189", + "0.0.19", + "0.0.190", + "0.0.191", + "0.0.192", + "0.0.193", + "0.0.194", + "0.0.195", + "0.0.196", + "0.0.197", + "0.0.198", + "0.0.199", + "0.0.2", + "0.0.20", + "0.0.21", + "0.0.22", + "0.0.23", + "0.0.24", + "0.0.25", + "0.0.26", + "0.0.27", + "0.0.28", + "0.0.29", + "0.0.3", + "0.0.30", + "0.0.31", + "0.0.32", + "0.0.33", + "0.0.34", + "0.0.35", + "0.0.36", + "0.0.37", + "0.0.38", + "0.0.39", + "0.0.4", + "0.0.40", + "0.0.41", + "0.0.42", + "0.0.43", + "0.0.44", + "0.0.45", + "0.0.46", + "0.0.47", + "0.0.48", + "0.0.49", + "0.0.5", + "0.0.50", + "0.0.51", + "0.0.52", + "0.0.53", + "0.0.54", + "0.0.56", + "0.0.57", + "0.0.58", + "0.0.59", + "0.0.6", + "0.0.60", + "0.0.61", + "0.0.62", + "0.0.63", + "0.0.64", + "0.0.65", + "0.0.66", + "0.0.67", + "0.0.68", + "0.0.69", + "0.0.7", + "0.0.70", + "0.0.71", + "0.0.72", + "0.0.73", + "0.0.74", + "0.0.75", + "0.0.76", + "0.0.77", + "0.0.78", + "0.0.79", + "0.0.8", + "0.0.80", + "0.0.81", + "0.0.82", + "0.0.83", + "0.0.84", + "0.0.85", + "0.0.86", + "0.0.87", + "0.0.88", + "0.0.89", + "0.0.9", + "0.0.90", + "0.0.91", + "0.0.92", + "0.0.93", + "0.0.94", + "0.0.95", + "0.0.96", + "0.0.97", + "0.0.98", + "0.0.99", + "0.1.0", + "0.1.1", + "0.1.10", + "0.1.11", + "0.1.12", + "0.1.13", + "0.1.14", + "0.1.15", + "0.1.16", + "0.1.17", + "0.1.18", + "0.1.19", + "0.1.2", + "0.1.20", + "0.1.21", + "0.1.22", + "0.1.23", + "0.1.24", + "0.1.25", + "0.1.26", + "0.1.27", + "0.1.3", + "0.1.4", + "0.1.5", + "0.1.6", + "0.1.7", + "0.1.8", + "0.1.9", + "0.10.0", + "0.10.1", + "0.10.10", + "0.10.2", + "0.10.3", + "0.10.4", + "0.10.5", + "0.10.6", + "0.10.7", + "0.10.8", + "0.10.9", + "0.11.0", + "0.11.1", + "0.11.10", + "0.11.11", + "0.11.12", + "0.11.13", + "0.11.14", + "0.11.15", + "0.11.16", + "0.11.17", + "0.11.18", + "0.11.19", + "0.11.2", + "0.11.20", + "0.11.21", + "0.11.22", + "0.11.23", + "0.11.24", + "0.11.25", + "0.11.27", + "0.11.28", + "0.11.29", + "0.11.3", + "0.11.30", + "0.11.31", + "0.11.4", + "0.11.5", + "0.11.6", + "0.11.7", + "0.11.8", + "0.11.9", + "0.12.0", + "0.12.1", + "0.12.10", + "0.12.11", + "0.12.12", + "0.12.13", + "0.12.14", + "0.12.15", + "0.12.16", + "0.12.17", + "0.12.18", + "0.12.19", + "0.12.2", + "0.12.20", + "0.12.21", + "0.12.3", + "0.12.4", + "0.12.5", + "0.12.6", + "0.12.7", + "0.12.8", + "0.12.9", + "0.13.0", + "0.13.1", + "0.13.10", + "0.13.11", + "0.13.12", + "0.13.13", + "0.13.14", + "0.13.15", + "0.13.16", + "0.13.17", + "0.13.18", + "0.13.19", + "0.13.2", + "0.13.20", + "0.13.21", + "0.13.22", + "0.13.23", + "0.13.3", + "0.13.4", + "0.13.5", + "0.13.6", + "0.13.7", + "0.13.8", + "0.13.9", + "0.14.0", + "0.14.1", + "0.14.10", + "0.14.11", + "0.14.12", + "0.14.14", + "0.14.15", + "0.14.16", + "0.14.2", + "0.14.3", + "0.14.4", + "0.14.5", + "0.14.6", + "0.14.7", + "0.14.8", + "0.14.9", + "0.15.0", + "0.15.1", + "0.15.2", + "0.15.3", + "0.2.0", + "0.2.1", + "0.2.2", + "0.3.0", + "0.3.1", + "0.3.2", + "0.3.3", + "0.3.4", + "0.4.0", + "0.4.1", + "0.5.0", + "0.5.1", + "0.5.2", + "0.5.3", + "0.6.0", + "0.6.1", + "0.6.2", + "0.6.3", + "0.6.4", + "0.6.5", + "0.6.6", + "0.6.7", + "0.6.8", + "0.7.0", + "0.7.1", + "0.8.0", + "0.8.1", + "0.9.0", + "0.9.1", + "1.0.0", + "1.1.0", + "1.2.0", + "1.2.1", + "1.2.2", + "1.2.3", + "1.2.4", + "1.3.0", + "1.3.1", + "1.4.0", + "1.4.1", + "1.4.2", + "1.4.3", + "1.4.4", + "1.4.5", + "1.4.6", + "1.4.7", + "1.4.8", + "1.5.0", + "1.5.1", + "1.5.10", + "1.5.100", + "1.5.101", + "1.5.102", + "1.5.103", + "1.5.104", + "1.5.105", + "1.5.106", + "1.5.107", + "1.5.108", + "1.5.109", + "1.5.11", + "1.5.110", + "1.5.111", + "1.5.112", + "1.5.113", + "1.5.114", + "1.5.115", + "1.5.116", + "1.5.117", + "1.5.118", + "1.5.119", + "1.5.12", + "1.5.120", + "1.5.121", + "1.5.122", + "1.5.123", + "1.5.124", + "1.5.125", + "1.5.126", + "1.5.127", + "1.5.128", + "1.5.129", + "1.5.13", + "1.5.130", + "1.5.131", + "1.5.132", + "1.5.133", + "1.5.134", + "1.5.135", + "1.5.136", + "1.5.137", + "1.5.138", + "1.5.139", + "1.5.14", + "1.5.140", + "1.5.141", + "1.5.142", + "1.5.143", + "1.5.144", + "1.5.145", + "1.5.146", + "1.5.147", + "1.5.148", + "1.5.149", + "1.5.15", + "1.5.16", + "1.5.17", + "1.5.18", + "1.5.19", + "1.5.2", + "1.5.20", + "1.5.21", + "1.5.22", + "1.5.23", + "1.5.24", + "1.5.25", + "1.5.26", + "1.5.27", + "1.5.28", + "1.5.29", + "1.5.3", + "1.5.30", + "1.5.31", + "1.5.32", + "1.5.33", + "1.5.34", + "1.5.35", + "1.5.36", + "1.5.37", + "1.5.38", + "1.5.39", + "1.5.40", + "1.5.41", + "1.5.42", + "1.5.43", + "1.5.44", + "1.5.45", + "1.5.46", + "1.5.47", + "1.5.48", + "1.5.49", + "1.5.5", + "1.5.50", + "1.5.51", + "1.5.52", + "1.5.53", + "1.5.54", + "1.5.55", + "1.5.56", + "1.5.57", + "1.5.58", + "1.5.59", + "1.5.6", + "1.5.60", + "1.5.61", + "1.5.62", + "1.5.63", + "1.5.64", + "1.5.65", + "1.5.66", + "1.5.67", + "1.5.68", + "1.5.69", + "1.5.7", + "1.5.70", + "1.5.71", + "1.5.72", + "1.5.73", + "1.5.74", + "1.5.75", + "1.5.76", + "1.5.77", + "1.5.78", + "1.5.79", + "1.5.8", + "1.5.80", + "1.5.81", + "1.5.82", + "1.5.83", + "1.5.84", + "1.5.85", + "1.5.86", + "1.5.87", + "1.5.88", + "1.5.89", + "1.5.9", + "1.5.90", + "1.5.91", + "1.5.92", + "1.5.93", + "1.5.94", + "1.5.95", + "1.5.96", + "1.5.97", + "1.5.98", + "1.5.99", + "1.6.1", + "1.6.10", + "1.6.11", + "1.6.12", + "1.6.13", + "1.6.14", + "1.6.15", + "1.6.16", + "1.6.17", + "1.6.18", + "1.6.19", + "1.6.2", + "1.6.20", + "1.6.21", + "1.6.22", + "1.6.23", + "1.6.24", + "1.6.25", + "1.6.26", + "1.6.27", + "1.6.28", + "1.6.29", + "1.6.3", + "1.6.30", + "1.6.31", + "1.6.32", + "1.6.33", + "1.6.34", + "1.6.35", + "1.6.36", + "1.6.37", + "1.6.38", + "1.6.39", + "1.6.4", + "1.6.5", + "1.6.6", + "1.6.7", + "1.6.8", + "1.6.9" + ], + "action": "BLOCK", + "severity": "CRITICAL", + "reason": "PraisonAI vulnerable to sandbox escape via `print.__self__` builtins module leak in `execute_code` (subprocess mode)", + "link": "https://osv.dev/vulnerability/GHSA-4mr5-g6f9-cfrh" + }, { "id": "GHSA-69fq-xp46-6x23", "component": "trivy", "ecosystem": "binary", - "affected_versions": ["v0.69.4", "v0.69.5", "v0.69.6"], + "affected_versions": [ + "v0.69.4", + "v0.69.5", + "v0.69.6" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "TeamPCP compromised CI/CD pipeline and pushed malicious binaries that exfiltrate runner memory and environment secrets.", @@ -21,49 +2029,35 @@ }, { "id": "GHSA-69fq-xp46-6x23", - "component": "trivy-action", + "component": "setup-trivy", "ecosystem": "github-actions", - "affected_versions": ["< v0.35.0"], + "affected_versions": [ + "< v0.2.6" + ], "action": "WARN", "severity": "HIGH", - "reason": "Vulnerable tags were force-pushed to point to malicious commits during the March 2026 TeamPCP exposure window. Upgrade to v0.35.0+ and pin by SHA.", - "link": "https://github.com/aquasecurity/trivy-action/security/advisories" + "reason": "Versions prior to v0.2.6 were at elevated risk during the March 2026 TeamPCP exposure window (~4 hours). Upgrade to v0.2.6+ (SHA: 3fb12ec) or pin by digest.", + "link": "https://github.com/aquasecurity/trivy/security/advisories/GHSA-69fq-xp46-6x23" }, { "id": "GHSA-69fq-xp46-6x23", - "component": "setup-trivy", + "component": "trivy-action", "ecosystem": "github-actions", - "affected_versions": ["< v0.2.6"], + "affected_versions": [ + "< v0.35.0" + ], "action": "WARN", "severity": "HIGH", - "reason": "Versions prior to v0.2.6 were at elevated risk during the March 2026 TeamPCP exposure window (~4 hours). Upgrade to v0.2.6+ (SHA: 3fb12ec) or pin by digest.", - "link": "https://github.com/aquasecurity/trivy/security/advisories/GHSA-69fq-xp46-6x23" - }, - { - "id": "CVE-2026-33017", - "component": "langflow", - "ecosystem": "PyPI", - "affected_versions": ["< 1.9.0"], - "action": "BLOCK", - "severity": "CRITICAL", - "reason": "Unauthenticated RCE (CVSS 9.8): POST /api/v1/build_public_tmp/{flow_id}/flow accepts attacker-controlled flow data and passes arbitrary Python code directly to exec() with no sandboxing. Fixed in 1.9.0.", - "link": "https://github.com/advisories/GHSA-rvqx-wpfh-mfx7" - }, - { - "id": "AXIOS-NPM-COMPROMISE-2026-03-31", - "component": "axios", - "ecosystem": "npm", - "affected_versions": ["1.14.1", "0.30.4"], - "action": "BLOCK", - "severity": "CRITICAL", - "reason": "Confirmed npm supply-chain compromise: attacker reportedly hijacked the maintainer npm account and published malicious axios builds that introduced the plain-crypto-js dependency outside the normal GitHub Actions release flow.", - "link": "https://github.com/axios/axios" + "reason": "Vulnerable tags were force-pushed to point to malicious commits during the March 2026 TeamPCP exposure window. Upgrade to v0.35.0+ and pin by SHA.", + "link": "https://github.com/aquasecurity/trivy-action/security/advisories" }, { "id": "BITWARDEN-CLI-COMPROMISE-2026-04-22", "component": "@bitwarden/cli", "ecosystem": "npm", - "affected_versions": ["2026.4.0"], + "affected_versions": [ + "2026.4.0" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Confirmed npm supply-chain compromise: attackers hijacked Bitwarden's GitHub Actions, stole release secrets, and pushed a tampered @bitwarden/cli@2026.4.0 build to npm containing malicious code. Remove immediately and rotate any credentials that passed through the CLI.", @@ -73,7 +2067,9 @@ "id": "CVE-2026-46421", "component": "@cap-js/db-service", "ecosystem": "npm", - "affected_versions": ["2.10.1"], + "affected_versions": [ + "2.10.1" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Confirmed npm supply-chain compromise: malicious @cap-js package versions were published as part of a coordinated compromise across @cap-js/sqlite, @cap-js/postgres, and @cap-js/db-service.", @@ -83,7 +2079,9 @@ "id": "CVE-2026-46421", "component": "@cap-js/postgres", "ecosystem": "npm", - "affected_versions": ["2.2.2"], + "affected_versions": [ + "2.2.2" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Confirmed npm supply-chain compromise: malicious @cap-js package versions were published as part of a coordinated compromise across @cap-js/sqlite, @cap-js/postgres, and @cap-js/db-service.", @@ -93,17 +2091,37 @@ "id": "CVE-2026-46421", "component": "@cap-js/sqlite", "ecosystem": "npm", - "affected_versions": ["2.2.2"], + "affected_versions": [ + "2.2.2" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Confirmed npm supply-chain compromise: malicious @cap-js package versions were published as part of a coordinated compromise across @cap-js/sqlite, @cap-js/postgres, and @cap-js/db-service.", "link": "https://osv.dev/vulnerability/GHSA-pvw4-cvr4-97p8" }, + { + "id": "MINI-SHAI-HULUD-2026-05-11", + "component": "@opensearch-project/opensearch", + "ecosystem": "npm", + "affected_versions": [ + "3.5.3", + "3.6.2", + "3.7.0", + "3.8.0" + ], + "action": "BLOCK", + "severity": "CRITICAL", + "reason": "Mini Shai-Hulud supply-chain compromise: confirmed malicious package artifacts tied to credential theft and remote payload execution across npm/PyPI ecosystems.", + "link": "https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack" + }, { "id": "CVE-2026-45321", "component": "@tanstack/arktype-adapter", "ecosystem": "npm", - "affected_versions": ["1.166.12", "1.166.15"], + "affected_versions": [ + "1.166.12", + "1.166.15" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -113,7 +2131,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/eslint-plugin-router", "ecosystem": "npm", - "affected_versions": ["1.161.9", "1.161.12"], + "affected_versions": [ + "1.161.9", + "1.161.12" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -123,7 +2144,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/eslint-plugin-start", "ecosystem": "npm", - "affected_versions": ["0.0.4", "0.0.7"], + "affected_versions": [ + "0.0.4", + "0.0.7" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -133,7 +2157,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/history", "ecosystem": "npm", - "affected_versions": ["1.161.9", "1.161.12"], + "affected_versions": [ + "1.161.9", + "1.161.12" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -143,7 +2170,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/nitro-v2-vite-plugin", "ecosystem": "npm", - "affected_versions": ["1.154.12", "1.154.15"], + "affected_versions": [ + "1.154.12", + "1.154.15" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -153,7 +2183,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/react-router", "ecosystem": "npm", - "affected_versions": ["1.169.5", "1.169.8"], + "affected_versions": [ + "1.169.5", + "1.169.8" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -163,7 +2196,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/react-router-devtools", "ecosystem": "npm", - "affected_versions": ["1.166.16", "1.166.19"], + "affected_versions": [ + "1.166.16", + "1.166.19" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -173,7 +2209,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/react-router-ssr-query", "ecosystem": "npm", - "affected_versions": ["1.166.15", "1.166.18"], + "affected_versions": [ + "1.166.15", + "1.166.18" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -183,7 +2222,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/react-start", "ecosystem": "npm", - "affected_versions": ["1.167.68", "1.167.71"], + "affected_versions": [ + "1.167.68", + "1.167.71" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -193,7 +2235,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/react-start-client", "ecosystem": "npm", - "affected_versions": ["1.166.51", "1.166.54"], + "affected_versions": [ + "1.166.51", + "1.166.54" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -203,7 +2248,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/react-start-rsc", "ecosystem": "npm", - "affected_versions": ["0.0.47", "0.0.50"], + "affected_versions": [ + "0.0.47", + "0.0.50" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -213,7 +2261,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/react-start-server", "ecosystem": "npm", - "affected_versions": ["1.166.55", "1.166.58"], + "affected_versions": [ + "1.166.55", + "1.166.58" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -223,7 +2274,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/router-cli", "ecosystem": "npm", - "affected_versions": ["1.166.46", "1.166.49"], + "affected_versions": [ + "1.166.46", + "1.166.49" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -233,7 +2287,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/router-core", "ecosystem": "npm", - "affected_versions": ["1.169.5", "1.169.8"], + "affected_versions": [ + "1.169.5", + "1.169.8" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -243,7 +2300,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/router-devtools", "ecosystem": "npm", - "affected_versions": ["1.166.16", "1.166.19"], + "affected_versions": [ + "1.166.16", + "1.166.19" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -253,7 +2313,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/router-devtools-core", "ecosystem": "npm", - "affected_versions": ["1.167.6", "1.167.9"], + "affected_versions": [ + "1.167.6", + "1.167.9" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -263,7 +2326,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/router-generator", "ecosystem": "npm", - "affected_versions": ["1.166.45", "1.166.48"], + "affected_versions": [ + "1.166.45", + "1.166.48" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -273,7 +2339,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/router-plugin", "ecosystem": "npm", - "affected_versions": ["1.167.38", "1.167.41"], + "affected_versions": [ + "1.167.38", + "1.167.41" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -283,7 +2352,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/router-ssr-query-core", "ecosystem": "npm", - "affected_versions": ["1.168.3", "1.168.6"], + "affected_versions": [ + "1.168.3", + "1.168.6" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -293,7 +2365,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/router-utils", "ecosystem": "npm", - "affected_versions": ["1.161.11", "1.161.14"], + "affected_versions": [ + "1.161.11", + "1.161.14" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -303,7 +2378,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/router-vite-plugin", "ecosystem": "npm", - "affected_versions": ["1.166.53", "1.166.56"], + "affected_versions": [ + "1.166.53", + "1.166.56" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -313,7 +2391,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/solid-router", "ecosystem": "npm", - "affected_versions": ["1.169.5", "1.169.8"], + "affected_versions": [ + "1.169.5", + "1.169.8" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -323,7 +2404,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/solid-router-devtools", "ecosystem": "npm", - "affected_versions": ["1.166.16", "1.166.19"], + "affected_versions": [ + "1.166.16", + "1.166.19" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -333,7 +2417,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/solid-router-ssr-query", "ecosystem": "npm", - "affected_versions": ["1.166.15", "1.166.18"], + "affected_versions": [ + "1.166.15", + "1.166.18" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -343,7 +2430,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/solid-start", "ecosystem": "npm", - "affected_versions": ["1.167.65", "1.167.68"], + "affected_versions": [ + "1.167.65", + "1.167.68" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -353,7 +2443,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/solid-start-client", "ecosystem": "npm", - "affected_versions": ["1.166.50", "1.166.53"], + "affected_versions": [ + "1.166.50", + "1.166.53" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -363,7 +2456,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/solid-start-server", "ecosystem": "npm", - "affected_versions": ["1.166.54", "1.166.57"], + "affected_versions": [ + "1.166.54", + "1.166.57" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -373,7 +2469,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/start-client-core", "ecosystem": "npm", - "affected_versions": ["1.168.5", "1.168.8"], + "affected_versions": [ + "1.168.5", + "1.168.8" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -383,7 +2482,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/start-fn-stubs", "ecosystem": "npm", - "affected_versions": ["1.161.9", "1.161.12"], + "affected_versions": [ + "1.161.9", + "1.161.12" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -393,7 +2495,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/start-plugin-core", "ecosystem": "npm", - "affected_versions": ["1.169.23", "1.169.26"], + "affected_versions": [ + "1.169.23", + "1.169.26" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -403,7 +2508,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/start-server-core", "ecosystem": "npm", - "affected_versions": ["1.167.33", "1.167.36"], + "affected_versions": [ + "1.167.33", + "1.167.36" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -413,7 +2521,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/start-static-server-functions", "ecosystem": "npm", - "affected_versions": ["1.166.44", "1.166.47"], + "affected_versions": [ + "1.166.44", + "1.166.47" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -423,7 +2534,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/start-storage-context", "ecosystem": "npm", - "affected_versions": ["1.166.38", "1.166.41"], + "affected_versions": [ + "1.166.38", + "1.166.41" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -433,7 +2547,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/valibot-adapter", "ecosystem": "npm", - "affected_versions": ["1.166.12", "1.166.15"], + "affected_versions": [ + "1.166.12", + "1.166.15" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -443,7 +2560,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/virtual-file-routes", "ecosystem": "npm", - "affected_versions": ["1.161.10", "1.161.13"], + "affected_versions": [ + "1.161.10", + "1.161.13" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -453,7 +2573,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/vue-router", "ecosystem": "npm", - "affected_versions": ["1.169.5", "1.169.8"], + "affected_versions": [ + "1.169.5", + "1.169.8" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -463,7 +2586,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/vue-router-devtools", "ecosystem": "npm", - "affected_versions": ["1.166.16", "1.166.19"], + "affected_versions": [ + "1.166.16", + "1.166.19" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -473,7 +2599,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/vue-router-ssr-query", "ecosystem": "npm", - "affected_versions": ["1.166.15", "1.166.18"], + "affected_versions": [ + "1.166.15", + "1.166.18" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -483,7 +2612,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/vue-start", "ecosystem": "npm", - "affected_versions": ["1.167.61", "1.167.64"], + "affected_versions": [ + "1.167.61", + "1.167.64" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -493,7 +2625,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/vue-start-client", "ecosystem": "npm", - "affected_versions": ["1.166.46", "1.166.49"], + "affected_versions": [ + "1.166.46", + "1.166.49" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -503,7 +2638,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/vue-start-server", "ecosystem": "npm", - "affected_versions": ["1.166.50", "1.166.53"], + "affected_versions": [ + "1.166.50", + "1.166.53" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -513,40 +2651,26 @@ "id": "CVE-2026-45321", "component": "@tanstack/zod-adapter", "ecosystem": "npm", - "affected_versions": ["1.166.12", "1.166.15"], + "affected_versions": [ + "1.166.12", + "1.166.15" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", "link": "https://github.com/advisories/GHSA-g7cv-rxg3-hmpx" }, { - "id": "MINI-SHAI-HULUD-2026-05-11", - "component": "@opensearch-project/opensearch", + "id": "AXIOS-NPM-COMPROMISE-2026-03-31", + "component": "axios", "ecosystem": "npm", - "affected_versions": ["3.5.3", "3.6.2", "3.7.0", "3.8.0"], - "action": "BLOCK", - "severity": "CRITICAL", - "reason": "Mini Shai-Hulud supply-chain compromise: confirmed malicious package artifacts tied to credential theft and remote payload execution across npm/PyPI ecosystems.", - "link": "https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack" - }, - { - "id": "MINI-SHAI-HULUD-2026-05-11", - "component": "mistralai", - "ecosystem": "PyPI", - "affected_versions": ["2.4.6"], - "action": "BLOCK", - "severity": "CRITICAL", - "reason": "Mini Shai-Hulud supply-chain compromise: compromised PyPI release reportedly downloads and executes a secondary payload on Linux systems and targets developer credentials.", - "link": "https://thehackernews.com/2026/05/tanstack-supply-chain-attack-hits-two.html" - }, - { - "id": "MINI-SHAI-HULUD-2026-05-11", - "component": "guardrails-ai", - "ecosystem": "PyPI", - "affected_versions": ["0.10.1"], + "affected_versions": [ + "1.14.1", + "0.30.4" + ], "action": "BLOCK", "severity": "CRITICAL", - "reason": "Mini Shai-Hulud supply-chain compromise: compromised PyPI release downloads a remote Python artifact and executes it without integrity verification.", - "link": "https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack" + "reason": "Confirmed npm supply-chain compromise: attacker reportedly hijacked the maintainer npm account and published malicious axios builds that introduced the plain-crypto-js dependency outside the normal GitHub Actions release flow.", + "link": "https://github.com/axios/axios" } ]