diff --git a/pkg/analyzer/data/blacklist.json b/pkg/analyzer/data/blacklist.json index b9b409d..8062bc2 100644 --- a/pkg/analyzer/data/blacklist.json +++ b/pkg/analyzer/data/blacklist.json @@ -1,19 +1,359 @@ [ + { + "id": "CVE-2026-44017", + "component": "docling", + "ecosystem": "PyPI", + "affected_versions": [ + "0.1.0", + "0.1.1", + "0.1.2", + "0.2.0", + "0.3.0", + "0.3.1", + "0.4.0", + "1.0.0", + "1.0.1", + "1.0.2", + "1.1.0", + "1.1.1", + "1.1.2", + "1.10.0", + "1.11.0", + "1.12.0", + "1.12.1", + "1.12.2", + "1.13.0", + "1.13.1", + "1.14.0", + "1.15.0", + "1.16.0", + "1.16.1", + "1.17.0", + "1.18.0", + "1.19.0", + "1.19.1", + "1.2.0", + "1.2.1", + "1.20.0", + "1.3.0", + "1.4.0", + "1.5.0", + "1.6.0", + "1.6.1", + "1.6.2", + "1.6.3", + "1.7.0", + "1.7.1", + "1.8.0", + "1.8.1", + "1.8.2", + "1.8.3", + "1.8.4", + "1.8.5", + "1.9.0", + "2.0.0", + "2.1.0", + "2.10.0", + "2.11.0", + "2.12.0", + "2.13.0", + "2.14.0", + "2.15.0", + "2.15.1", + "2.16.0", + "2.17.0", + "2.18.0", + "2.19.0", + "2.2.0", + "2.2.1", + "2.20.0", + "2.21.0", + "2.22.0", + "2.23.0", + "2.23.1", + "2.24.0", + "2.25.0", + "2.25.1", + "2.25.2", + "2.26.0", + "2.27.0", + "2.28.0", + "2.28.1", + "2.28.2", + "2.28.3", + "2.28.4", + "2.29.0", + "2.3.0", + "2.3.1", + "2.30.0", + "2.31.0", + "2.31.1", + "2.31.2", + "2.32.0", + "2.33.0", + "2.34.0", + "2.35.0", + "2.36.0", + "2.36.1", + "2.37.0", + "2.38.0", + "2.38.1", + "2.39.0", + "2.4.0", + "2.4.1", + "2.4.2", + "2.40.0", + "2.41.0", + "2.42.0", + "2.42.1", + "2.42.2", + "2.43.0", + "2.44.0", + "2.45.0", + "2.46.0", + "2.47.0", + "2.47.1", + "2.48.0", + "2.49.0", + "2.5.0", + "2.5.1", + "2.5.2", + "2.50.0", + "2.51.0", + "2.52.0", + "2.53.0", + "2.54.0", + "2.55.0", + "2.55.1", + "2.56.0", + "2.56.1", + "2.57.0", + "2.58.0", + "2.59.0", + "2.6.0", + "2.60.0", + "2.60.1", + "2.61.0", + "2.61.1", + "2.61.2", + "2.62.0", + "2.63.0", + "2.64.0", + "2.64.1", + "2.65.0", + "2.66.0", + "2.67.0", + "2.68.0", + "2.69.0", + "2.69.1", + "2.7.0", + "2.7.1", + "2.70.0", + "2.71.0", + "2.72.0", + "2.73.0", + "2.73.1", + "2.74.0", + "2.75.0", + "2.76.0", + "2.77.0", + "2.78.0", + "2.79.0", + "2.8.0", + "2.8.1", + "2.8.2", + "2.8.3", + "2.80.0", + "2.81.0", + "2.82.0", + "2.83.0", + "2.84.0", + "2.85.0", + "2.86.0", + "2.87.0", + "2.88.0", + "2.89.0", + "2.9.0", + "2.90.0" + ], + "action": "BLOCK", + "severity": "HIGH", + "reason": "Docling: Unsafe Zip Extraction in EasyOCR Model Download", + "link": "https://osv.dev/vulnerability/GHSA-cjqg-rq2h-2fvj" + }, + { + "id": "CVE-2026-44020", + "component": "docling", + "ecosystem": "PyPI", + "affected_versions": [ + "2.13.0", + "2.14.0", + "2.15.0", + "2.15.1", + "2.16.0", + "2.17.0", + "2.18.0", + "2.19.0", + "2.20.0", + "2.21.0", + "2.22.0", + "2.23.0", + "2.23.1", + "2.24.0", + "2.25.0", + "2.25.1", + "2.25.2", + "2.26.0", + "2.27.0", + "2.28.0", + "2.28.1", + "2.28.2", + "2.28.3", + "2.28.4", + "2.29.0", + "2.30.0", + "2.31.0", + "2.31.1", + "2.31.2", + "2.32.0", + "2.33.0", + "2.34.0", + "2.35.0", + "2.36.0", + "2.36.1", + "2.37.0", + "2.38.0", + "2.38.1", + "2.39.0", + "2.40.0", + "2.41.0", + "2.42.0", + "2.42.1", + "2.42.2", + "2.43.0", + "2.44.0", + "2.45.0", + "2.46.0", + "2.47.0", + "2.47.1", + "2.48.0", + "2.49.0", + "2.50.0", + "2.51.0", + "2.52.0", + "2.53.0", + "2.54.0", + "2.55.0", + "2.55.1", + "2.56.0", + "2.56.1", + "2.57.0", + "2.58.0", + "2.59.0", + "2.60.0", + "2.60.1", + "2.61.0", + "2.61.1", + "2.61.2", + "2.62.0", + "2.63.0", + "2.64.0", + "2.64.1", + "2.65.0", + "2.66.0", + "2.67.0", + "2.68.0", + "2.69.0", + "2.69.1", + "2.70.0", + "2.71.0", + "2.72.0", + "2.73.0", + "2.73.1" + ], + "action": "BLOCK", + "severity": "HIGH", + "reason": "Docling: Unsafe XML Entity Expansion in USPTO Patent Backend", + "link": "https://osv.dev/vulnerability/GHSA-m88r-rg27-5xfg" + }, + { + "id": "CVE-2026-44016", + "component": "docling", + "ecosystem": "PyPI", + "affected_versions": [ + "2.82.0", + "2.83.0", + "2.84.0", + "2.85.0", + "2.86.0", + "2.87.0", + "2.88.0", + "2.89.0", + "2.90.0" + ], + "action": "BLOCK", + "severity": "HIGH", + "reason": "Docling: Unsafe Playwright-based HTML Rendering", + "link": "https://osv.dev/vulnerability/GHSA-pj2v-ggqh-cmq2" + }, + { + "id": "MINI-SHAI-HULUD-2026-05-11", + "component": "guardrails-ai", + "ecosystem": "PyPI", + "affected_versions": [ + "0.10.1" + ], + "action": "BLOCK", + "severity": "CRITICAL", + "reason": "Mini Shai-Hulud supply-chain compromise: compromised PyPI release downloads a remote Python artifact and executes it without integrity verification.", + "link": "https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack" + }, + { + "id": "CVE-2026-33017", + "component": "langflow", + "ecosystem": "PyPI", + "affected_versions": [ + "< 1.9.0" + ], + "action": "BLOCK", + "severity": "CRITICAL", + "reason": "Unauthenticated RCE (CVSS 9.8): POST /api/v1/build_public_tmp/{flow_id}/flow accepts attacker-controlled flow data and passes arbitrary Python code directly to exec() with no sandboxing. Fixed in 1.9.0.", + "link": "https://github.com/advisories/GHSA-rvqx-wpfh-mfx7" + }, { "id": "SNYK-PYTHON-LITELLM-15762713", "component": "litellm", "ecosystem": "PyPI", - "affected_versions": ["1.82.7", "1.82.8"], + "affected_versions": [ + "1.82.7", + "1.82.8" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "TeamPCP supply chain attack: malicious .pth file steals SSH keys, AWS/K8s credentials and .env files on every Python startup, then establishes systemd persistence and attempts Kubernetes lateral movement.", "link": "https://security.snyk.io/vuln/SNYK-PYTHON-LITELLM-15762713" }, + { + "id": "MINI-SHAI-HULUD-2026-05-11", + "component": "mistralai", + "ecosystem": "PyPI", + "affected_versions": [ + "2.4.6" + ], + "action": "BLOCK", + "severity": "CRITICAL", + "reason": "Mini Shai-Hulud supply-chain compromise: compromised PyPI release reportedly downloads and executes a secondary payload on Linux systems and targets developer credentials.", + "link": "https://thehackernews.com/2026/05/tanstack-supply-chain-attack-hits-two.html" + }, { "id": "GHSA-69fq-xp46-6x23", "component": "trivy", "ecosystem": "binary", - "affected_versions": ["v0.69.4", "v0.69.5", "v0.69.6"], + "affected_versions": [ + "v0.69.4", + "v0.69.5", + "v0.69.6" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "TeamPCP compromised CI/CD pipeline and pushed malicious binaries that exfiltrate runner memory and environment secrets.", @@ -21,49 +361,35 @@ }, { "id": "GHSA-69fq-xp46-6x23", - "component": "trivy-action", + "component": "setup-trivy", "ecosystem": "github-actions", - "affected_versions": ["< v0.35.0"], + "affected_versions": [ + "< v0.2.6" + ], "action": "WARN", "severity": "HIGH", - "reason": "Vulnerable tags were force-pushed to point to malicious commits during the March 2026 TeamPCP exposure window. Upgrade to v0.35.0+ and pin by SHA.", - "link": "https://github.com/aquasecurity/trivy-action/security/advisories" + "reason": "Versions prior to v0.2.6 were at elevated risk during the March 2026 TeamPCP exposure window (~4 hours). Upgrade to v0.2.6+ (SHA: 3fb12ec) or pin by digest.", + "link": "https://github.com/aquasecurity/trivy/security/advisories/GHSA-69fq-xp46-6x23" }, { "id": "GHSA-69fq-xp46-6x23", - "component": "setup-trivy", + "component": "trivy-action", "ecosystem": "github-actions", - "affected_versions": ["< v0.2.6"], + "affected_versions": [ + "< v0.35.0" + ], "action": "WARN", "severity": "HIGH", - "reason": "Versions prior to v0.2.6 were at elevated risk during the March 2026 TeamPCP exposure window (~4 hours). Upgrade to v0.2.6+ (SHA: 3fb12ec) or pin by digest.", - "link": "https://github.com/aquasecurity/trivy/security/advisories/GHSA-69fq-xp46-6x23" - }, - { - "id": "CVE-2026-33017", - "component": "langflow", - "ecosystem": "PyPI", - "affected_versions": ["< 1.9.0"], - "action": "BLOCK", - "severity": "CRITICAL", - "reason": "Unauthenticated RCE (CVSS 9.8): POST /api/v1/build_public_tmp/{flow_id}/flow accepts attacker-controlled flow data and passes arbitrary Python code directly to exec() with no sandboxing. Fixed in 1.9.0.", - "link": "https://github.com/advisories/GHSA-rvqx-wpfh-mfx7" - }, - { - "id": "AXIOS-NPM-COMPROMISE-2026-03-31", - "component": "axios", - "ecosystem": "npm", - "affected_versions": ["1.14.1", "0.30.4"], - "action": "BLOCK", - "severity": "CRITICAL", - "reason": "Confirmed npm supply-chain compromise: attacker reportedly hijacked the maintainer npm account and published malicious axios builds that introduced the plain-crypto-js dependency outside the normal GitHub Actions release flow.", - "link": "https://github.com/axios/axios" + "reason": "Vulnerable tags were force-pushed to point to malicious commits during the March 2026 TeamPCP exposure window. Upgrade to v0.35.0+ and pin by SHA.", + "link": "https://github.com/aquasecurity/trivy-action/security/advisories" }, { "id": "BITWARDEN-CLI-COMPROMISE-2026-04-22", "component": "@bitwarden/cli", "ecosystem": "npm", - "affected_versions": ["2026.4.0"], + "affected_versions": [ + "2026.4.0" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Confirmed npm supply-chain compromise: attackers hijacked Bitwarden's GitHub Actions, stole release secrets, and pushed a tampered @bitwarden/cli@2026.4.0 build to npm containing malicious code. Remove immediately and rotate any credentials that passed through the CLI.", @@ -73,7 +399,9 @@ "id": "CVE-2026-46421", "component": "@cap-js/db-service", "ecosystem": "npm", - "affected_versions": ["2.10.1"], + "affected_versions": [ + "2.10.1" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Confirmed npm supply-chain compromise: malicious @cap-js package versions were published as part of a coordinated compromise across @cap-js/sqlite, @cap-js/postgres, and @cap-js/db-service.", @@ -83,7 +411,9 @@ "id": "CVE-2026-46421", "component": "@cap-js/postgres", "ecosystem": "npm", - "affected_versions": ["2.2.2"], + "affected_versions": [ + "2.2.2" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Confirmed npm supply-chain compromise: malicious @cap-js package versions were published as part of a coordinated compromise across @cap-js/sqlite, @cap-js/postgres, and @cap-js/db-service.", @@ -93,17 +423,37 @@ "id": "CVE-2026-46421", "component": "@cap-js/sqlite", "ecosystem": "npm", - "affected_versions": ["2.2.2"], + "affected_versions": [ + "2.2.2" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Confirmed npm supply-chain compromise: malicious @cap-js package versions were published as part of a coordinated compromise across @cap-js/sqlite, @cap-js/postgres, and @cap-js/db-service.", "link": "https://osv.dev/vulnerability/GHSA-pvw4-cvr4-97p8" }, + { + "id": "MINI-SHAI-HULUD-2026-05-11", + "component": "@opensearch-project/opensearch", + "ecosystem": "npm", + "affected_versions": [ + "3.5.3", + "3.6.2", + "3.7.0", + "3.8.0" + ], + "action": "BLOCK", + "severity": "CRITICAL", + "reason": "Mini Shai-Hulud supply-chain compromise: confirmed malicious package artifacts tied to credential theft and remote payload execution across npm/PyPI ecosystems.", + "link": "https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack" + }, { "id": "CVE-2026-45321", "component": "@tanstack/arktype-adapter", "ecosystem": "npm", - "affected_versions": ["1.166.12", "1.166.15"], + "affected_versions": [ + "1.166.12", + "1.166.15" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -113,7 +463,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/eslint-plugin-router", "ecosystem": "npm", - "affected_versions": ["1.161.9", "1.161.12"], + "affected_versions": [ + "1.161.9", + "1.161.12" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -123,7 +476,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/eslint-plugin-start", "ecosystem": "npm", - "affected_versions": ["0.0.4", "0.0.7"], + "affected_versions": [ + "0.0.4", + "0.0.7" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -133,7 +489,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/history", "ecosystem": "npm", - "affected_versions": ["1.161.9", "1.161.12"], + "affected_versions": [ + "1.161.9", + "1.161.12" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -143,7 +502,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/nitro-v2-vite-plugin", "ecosystem": "npm", - "affected_versions": ["1.154.12", "1.154.15"], + "affected_versions": [ + "1.154.12", + "1.154.15" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -153,7 +515,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/react-router", "ecosystem": "npm", - "affected_versions": ["1.169.5", "1.169.8"], + "affected_versions": [ + "1.169.5", + "1.169.8" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -163,7 +528,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/react-router-devtools", "ecosystem": "npm", - "affected_versions": ["1.166.16", "1.166.19"], + "affected_versions": [ + "1.166.16", + "1.166.19" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -173,7 +541,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/react-router-ssr-query", "ecosystem": "npm", - "affected_versions": ["1.166.15", "1.166.18"], + "affected_versions": [ + "1.166.15", + "1.166.18" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -183,7 +554,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/react-start", "ecosystem": "npm", - "affected_versions": ["1.167.68", "1.167.71"], + "affected_versions": [ + "1.167.68", + "1.167.71" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -193,7 +567,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/react-start-client", "ecosystem": "npm", - "affected_versions": ["1.166.51", "1.166.54"], + "affected_versions": [ + "1.166.51", + "1.166.54" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -203,7 +580,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/react-start-rsc", "ecosystem": "npm", - "affected_versions": ["0.0.47", "0.0.50"], + "affected_versions": [ + "0.0.47", + "0.0.50" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -213,7 +593,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/react-start-server", "ecosystem": "npm", - "affected_versions": ["1.166.55", "1.166.58"], + "affected_versions": [ + "1.166.55", + "1.166.58" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -223,7 +606,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/router-cli", "ecosystem": "npm", - "affected_versions": ["1.166.46", "1.166.49"], + "affected_versions": [ + "1.166.46", + "1.166.49" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -233,7 +619,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/router-core", "ecosystem": "npm", - "affected_versions": ["1.169.5", "1.169.8"], + "affected_versions": [ + "1.169.5", + "1.169.8" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -243,7 +632,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/router-devtools", "ecosystem": "npm", - "affected_versions": ["1.166.16", "1.166.19"], + "affected_versions": [ + "1.166.16", + "1.166.19" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -253,7 +645,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/router-devtools-core", "ecosystem": "npm", - "affected_versions": ["1.167.6", "1.167.9"], + "affected_versions": [ + "1.167.6", + "1.167.9" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -263,7 +658,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/router-generator", "ecosystem": "npm", - "affected_versions": ["1.166.45", "1.166.48"], + "affected_versions": [ + "1.166.45", + "1.166.48" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -273,7 +671,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/router-plugin", "ecosystem": "npm", - "affected_versions": ["1.167.38", "1.167.41"], + "affected_versions": [ + "1.167.38", + "1.167.41" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -283,7 +684,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/router-ssr-query-core", "ecosystem": "npm", - "affected_versions": ["1.168.3", "1.168.6"], + "affected_versions": [ + "1.168.3", + "1.168.6" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -293,7 +697,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/router-utils", "ecosystem": "npm", - "affected_versions": ["1.161.11", "1.161.14"], + "affected_versions": [ + "1.161.11", + "1.161.14" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -303,7 +710,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/router-vite-plugin", "ecosystem": "npm", - "affected_versions": ["1.166.53", "1.166.56"], + "affected_versions": [ + "1.166.53", + "1.166.56" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -313,7 +723,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/solid-router", "ecosystem": "npm", - "affected_versions": ["1.169.5", "1.169.8"], + "affected_versions": [ + "1.169.5", + "1.169.8" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -323,7 +736,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/solid-router-devtools", "ecosystem": "npm", - "affected_versions": ["1.166.16", "1.166.19"], + "affected_versions": [ + "1.166.16", + "1.166.19" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -333,7 +749,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/solid-router-ssr-query", "ecosystem": "npm", - "affected_versions": ["1.166.15", "1.166.18"], + "affected_versions": [ + "1.166.15", + "1.166.18" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -343,7 +762,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/solid-start", "ecosystem": "npm", - "affected_versions": ["1.167.65", "1.167.68"], + "affected_versions": [ + "1.167.65", + "1.167.68" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -353,7 +775,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/solid-start-client", "ecosystem": "npm", - "affected_versions": ["1.166.50", "1.166.53"], + "affected_versions": [ + "1.166.50", + "1.166.53" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -363,7 +788,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/solid-start-server", "ecosystem": "npm", - "affected_versions": ["1.166.54", "1.166.57"], + "affected_versions": [ + "1.166.54", + "1.166.57" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -373,7 +801,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/start-client-core", "ecosystem": "npm", - "affected_versions": ["1.168.5", "1.168.8"], + "affected_versions": [ + "1.168.5", + "1.168.8" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -383,7 +814,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/start-fn-stubs", "ecosystem": "npm", - "affected_versions": ["1.161.9", "1.161.12"], + "affected_versions": [ + "1.161.9", + "1.161.12" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -393,7 +827,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/start-plugin-core", "ecosystem": "npm", - "affected_versions": ["1.169.23", "1.169.26"], + "affected_versions": [ + "1.169.23", + "1.169.26" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -403,7 +840,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/start-server-core", "ecosystem": "npm", - "affected_versions": ["1.167.33", "1.167.36"], + "affected_versions": [ + "1.167.33", + "1.167.36" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -413,7 +853,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/start-static-server-functions", "ecosystem": "npm", - "affected_versions": ["1.166.44", "1.166.47"], + "affected_versions": [ + "1.166.44", + "1.166.47" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -423,7 +866,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/start-storage-context", "ecosystem": "npm", - "affected_versions": ["1.166.38", "1.166.41"], + "affected_versions": [ + "1.166.38", + "1.166.41" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -433,7 +879,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/valibot-adapter", "ecosystem": "npm", - "affected_versions": ["1.166.12", "1.166.15"], + "affected_versions": [ + "1.166.12", + "1.166.15" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -443,7 +892,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/virtual-file-routes", "ecosystem": "npm", - "affected_versions": ["1.161.10", "1.161.13"], + "affected_versions": [ + "1.161.10", + "1.161.13" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -453,7 +905,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/vue-router", "ecosystem": "npm", - "affected_versions": ["1.169.5", "1.169.8"], + "affected_versions": [ + "1.169.5", + "1.169.8" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -463,7 +918,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/vue-router-devtools", "ecosystem": "npm", - "affected_versions": ["1.166.16", "1.166.19"], + "affected_versions": [ + "1.166.16", + "1.166.19" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -473,7 +931,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/vue-router-ssr-query", "ecosystem": "npm", - "affected_versions": ["1.166.15", "1.166.18"], + "affected_versions": [ + "1.166.15", + "1.166.18" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -483,7 +944,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/vue-start", "ecosystem": "npm", - "affected_versions": ["1.167.61", "1.167.64"], + "affected_versions": [ + "1.167.61", + "1.167.64" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -493,7 +957,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/vue-start-client", "ecosystem": "npm", - "affected_versions": ["1.166.46", "1.166.49"], + "affected_versions": [ + "1.166.46", + "1.166.49" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -503,7 +970,10 @@ "id": "CVE-2026-45321", "component": "@tanstack/vue-start-server", "ecosystem": "npm", - "affected_versions": ["1.166.50", "1.166.53"], + "affected_versions": [ + "1.166.50", + "1.166.53" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", @@ -513,40 +983,26 @@ "id": "CVE-2026-45321", "component": "@tanstack/zod-adapter", "ecosystem": "npm", - "affected_versions": ["1.166.12", "1.166.15"], + "affected_versions": [ + "1.166.12", + "1.166.15" + ], "action": "BLOCK", "severity": "CRITICAL", "reason": "Mini Shai-Hulud / TanStack supply-chain compromise: malicious npm package versions execute an obfuscated router_init.js payload that harvests cloud, GitHub, npm, Kubernetes, Vault, and SSH credentials and propagates through npm publishing workflows.", "link": "https://github.com/advisories/GHSA-g7cv-rxg3-hmpx" }, { - "id": "MINI-SHAI-HULUD-2026-05-11", - "component": "@opensearch-project/opensearch", + "id": "AXIOS-NPM-COMPROMISE-2026-03-31", + "component": "axios", "ecosystem": "npm", - "affected_versions": ["3.5.3", "3.6.2", "3.7.0", "3.8.0"], - "action": "BLOCK", - "severity": "CRITICAL", - "reason": "Mini Shai-Hulud supply-chain compromise: confirmed malicious package artifacts tied to credential theft and remote payload execution across npm/PyPI ecosystems.", - "link": "https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack" - }, - { - "id": "MINI-SHAI-HULUD-2026-05-11", - "component": "mistralai", - "ecosystem": "PyPI", - "affected_versions": ["2.4.6"], + "affected_versions": [ + "1.14.1", + "0.30.4" + ], "action": "BLOCK", "severity": "CRITICAL", - "reason": "Mini Shai-Hulud supply-chain compromise: compromised PyPI release reportedly downloads and executes a secondary payload on Linux systems and targets developer credentials.", - "link": "https://thehackernews.com/2026/05/tanstack-supply-chain-attack-hits-two.html" - }, - { - "id": "MINI-SHAI-HULUD-2026-05-11", - "component": "guardrails-ai", - "ecosystem": "PyPI", - "affected_versions": ["0.10.1"], - "action": "BLOCK", - "severity": "CRITICAL", - "reason": "Mini Shai-Hulud supply-chain compromise: compromised PyPI release downloads a remote Python artifact and executes it without integrity verification.", - "link": "https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack" + "reason": "Confirmed npm supply-chain compromise: attacker reportedly hijacked the maintainer npm account and published malicious axios builds that introduced the plain-crypto-js dependency outside the normal GitHub Actions release flow.", + "link": "https://github.com/axios/axios" } ]