CVE-2026-45321: TanStack Unspecified Vulnerability. TanStack contains an
TanStack Unspecified Vulnerability. TanStack contains an unspecified vulnerability that allowed malicious versions of the product to be published to the npm registry to publish credential-stealing malware under a trusted identity.
- CISA KEV-listed (remediation due 2026-06-10)
- used in ransomware campaigns
- EPSS 17.1% (95.1% percentile)