MAL-2026-3472 Malicious code in @tanstack/router-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3a4625c6f00a64d5f9c4d9fe41182c90a5d06c2a6cf72046d9a1e76d65295444 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

@stacker-oss/cli (>=0.1.0 <=0.1.2), @sykoramaros/marosh-components (>=0.0.6 <=0.1.17) +2 more potentially affected by unknown CVE via @tanstack/router-cli (=1.166.43)

@tanstack/router-cli NPM version =1.166.43 is affected by a known vulnerability. The following packages have a transitive dependency on @tanstack/router-cli and may be impacted: - @stacker-oss/cli =0.1.0, =0.0.6, =0.0.4, =0.0.2, =0.0.3 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3472...

@stacker-oss/cli (>=0.1.0 <=0.1.2), @sykoramaros/marosh-components (>=0.0.6 <=0.1.17) +2 more potentially affected by CVE-2026-45321 via @tanstack/router-cli (=1.166.43)

@tanstack/router-cli NPM version =1.166.43 is affected by a known vulnerability. The following packages have a transitive dependency on @tanstack/router-cli and may be impacted: - @stacker-oss/cli =0.1.0, =0.0.6, =0.0.4, =0.0.2, =0.0.3 Source cves: CVE-2026-45321 Source advisory:...