THREATOPS
THREAT OPSCVEs › CVE-2026-45321

CVE-2026-45321 — TanStack Unspecified Vulnerability

CISA KEVExploited: confirmedTanStack

TanStack contains an unspecified vulnerability that allowed malicious versions of the product to be published to the npm registry to publish credential-stealing malware under a trusted identity.

Vulnerability details

Related reporting