CVE-2026-45321

Malware in 42 @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys

CVSS 9.6 CRITICALEPSS 2.3%● KEVCWE-506

Em resumo

Versões maliciosas de 42 pacotes populares do TanStack foram publicadas secretamente no npm com malware que rouba credenciais em nuvem, tokens do GitHub e chaves SSH dos computadores dos desenvolvedores. Isso é crítico porque desenvolvedores que usaram esses pacotes instalaram, sem saber, código que comprometeu suas credenciais de segurança.

Detalhe técnico

Um atacante explorou uma má configuração de pull_request_target no GitHub Actions combinada com envenenamento de cache através de limites fork-para-base para extrair o token OIDC do processo runner, usando então essa credencial legítima para publicar versões maliciosas no npm. O malware exfiltra credenciais sensíveis (chaves em nuvem, tokens do GitHub, chaves SSH) do ambiente do host, afetando qualquer desenvolvedor que instalou as versões comprometidas durante a janela de publicação.

Resumo gerado e traduzido por IA a partir da descrição oficial.

On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/* packages were published to the npm registry. The publishes were authenticated via the legitimate GitHub Actions OIDC trusted-publisher binding for TanStack/router, but the publish workflow itself was not modified. The attacker chained three known vulnerability classes — a pull_request_target "Pwn Request" misconfiguration, GitHub Actions cache poisoning across the fork↔base trust boundary, and runtime memory extraction of the OIDC token from the Actions runner process — to publish credential-stealing malware under a trusted identity. Each affected package received exactly two malicious versions, published a few minutes apart.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Produtos afetados

PoCs públicas encontradas — 12

githubgithub.com/Intrudify/mini-shai-hulud-scanner★ 2 githubgithub.com/fabriziosalmi/tanstack-compromise-checker★ 2 githubgithub.com/qi-scape/scan-shai-hulud★ 1 githubgithub.com/nkopylov/tanscript-exploit-check★ 1 githubgithub.com/shayr1/shai-hulud-scan★ 1 githubgithub.com/renewablehacking/CVE-2026-45321-Tanstack★ 0 githubgithub.com/ry-allan/tanstack-compromise-checker★ 0 githubgithub.com/adriannurrr/CVE-2026-45321-Tanstack★ 0 githubgithub.com/Yomisana/are-you-get-tanstack-attack★ 0 githubgithub.com/Caixa-git/tanstack-shield★ 0 githubgithub.com/digi4care/shai-scan★ 0 githubgithub.com/prashanthnataraj/mini-shai-hulud-detector★ 0

⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/TanStack/router/issues/7383 https://github.com/TanStack/router/security/advisories/GHSA-g7cv-rxg3-hmpx https://tanstack.com/blog/npm-supply-chain-compromise-postmortem https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-45321 https://www.stepsecurity.io/blog/mini-shai-hulud-is-back-a-self-spreading-supply-chain-attack-hits-the-npm-ecosystem