@8btc/finance-assistant-mcp (>=0.0.1 <=0.0.69), @8btc/office-assistant-mcp (>=0.0.1 <=0.0.26-beta.1) +457 more potentially affected by unknown CVE via @tanstack/react-router (>=1.0.0 <=1.169.2)

@tanstack/react-router NPM version =1.0.0, =0.0.1, =0.0.1, =0.1.0, =0.2.0, =1.0.0, =0.0.1-alpha.14, =0.1.0, =0.0.2-canary.11, =0.1.0, =1.0.0, =1.0.0, =0.0.1, =0.18.0, =0.19.0 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-3465...

MAL-2026-3465 Malicious code in @tanstack/react-router (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b329cb477cc0d977f9e8e6df59072ea002d6d041b99531596fbd87b8ff80aefd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @tanstack/react-router (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b329cb477cc0d977f9e8e6df59072ea002d6d041b99531596fbd87b8ff80aefd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-3466 Malicious code in @tanstack/react-router-devtools (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2583e447a99e68ab9e3a7562a7a9693e1c09de387a824f47a07f325e3b5b4d39 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

@alivault/pico (>=0.1.0 <=0.1.2), @argus-vrt/web (=0.1.0) +26 more potentially affected by CVE-2026-45321 via @tanstack/react-router-ssr-query (>=1.166.10 <=1.166.12)

@tanstack/react-router-ssr-query NPM version =1.166.10, =0.1.0, =0.0.4, =1.0.0, =0.1.0, =0.2.4, =0.0.1, =0.1.0-alpha.1, =0.0.1, =0.0.8 - better-github =0.0.1 and more Source cves: CVE-2026-45321 Source advisory: SNYK:JS-TANSTACKREACTROUTERSSRQUERY-16640207...

@8btc/finance-assistant-mcp (>=0.0.1 <=0.0.69), @8btc/office-assistant-mcp (>=0.0.1 <=0.0.26-beta.1) +457 more potentially affected by CVE-2026-45321 via @tanstack/react-router (>=1.0.0 <=1.169.2)

@tanstack/react-router NPM version =1.0.0, =0.0.1, =0.0.1, =0.1.0, =0.2.0, =1.0.0, =0.0.1-alpha.14, =0.1.0, =0.0.2-canary.11, =0.1.0, =1.0.0, =1.0.0, =0.0.1, =0.18.0, =0.19.0 and more Source cves: CVE-2026-45321 Source advisory: SNYK:JS-TANSTACKREACTROUTER-16640208...

@alivault/pico (>=0.1.0 <=0.1.2), @argus-vrt/web (=0.1.0) +29 more potentially affected by CVE-2026-45321 via @tanstack/router-ssr-query-core (>=1.121.0-alpha.28 <=1.168.0)

@tanstack/router-ssr-query-core NPM version =1.121.0-alpha.28, =0.1.0, =0.0.4, =1.0.0, =0.1.0, =1.121.0-alpha.28, =1.133.19, =1.140.0, =0.2.4, =0.0.1, =0.1.0-alpha.1, =0.1.0-alpha.2 and more Source cves: CVE-2026-45321 Source advisory: SNYK:JS-TANSTACKROUTERSSRQUERYCORE-16640223...

@8btc/finance-assistant-mcp (>=0.0.1 <=0.0.69), @8btc/office-assistant-mcp (>=0.0.1 <=0.0.26-beta.1) +101 more potentially affected by CVE-2026-45321 via @tanstack/react-router-devtools (>=1.120.20 <=1.166.13)

@tanstack/react-router-devtools NPM version =1.120.20, =0.0.1, =0.0.1, =0.0.1-alpha.14, =0.1.0, =0.0.4, =0.1.0, =0.2.0, =0.2.0, =1.0.0, =0.1.0, =2.0.1-alpha-20260224145405, =2.0.1-alpha.6 - @ezshare/cli =0.0.0 - @ezshare/lib =0.0.0 - @ezshare/web =0.0.0 and more Source cves: CVE-2026-45321 Source...