Malicious code in @tanstack/vue-start-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b11c2f37aa0a8c4d809c3136f8f7c227c463f4f8e7a2b4515336b730941dcc4c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-3499 Malicious code in @tanstack/vue-start-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b11c2f37aa0a8c4d809c3136f8f7c227c463f4f8e7a2b4515336b730941dcc4c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

@tanstack/vue-start (>=1.141.0 <=1.167.58) potentially affected by unknown CVE via @tanstack/vue-start-client (>=1.141.0 <=1.166.43)

@tanstack/vue-start-client NPM version =1.141.0, =1.141.0, =1.167.58 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3499...

@tanstack/vue-start (>=1.141.0 <=1.167.58), @tanstack/vue-start-client (>=1.141.0 <=1.166.43) +1 more potentially affected by unknown CVE via @tanstack/vue-router (>=1.141.0 <=1.169.2)

@tanstack/vue-router NPM version =1.141.0, =1.141.0, =1.141.0, =1.141.0, =1.166.47 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3495...

@tanstack/vue-start (>=1.141.0 <=1.167.58) potentially affected by unknown CVE via @tanstack/vue-start-server (>=1.141.0 <=1.166.5)

@tanstack/vue-start-server NPM version =1.141.0, =1.141.0, =1.167.58 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3500...

MAL-2026-3498 Malicious code in @tanstack/vue-start (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8a01585c5903bfc477b8856810c151bd5dd0cdc04afe7c51b5710eae9b1fc366 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @tanstack/vue-start (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8a01585c5903bfc477b8856810c151bd5dd0cdc04afe7c51b5710eae9b1fc366 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

@tanstack/vue-start (>=1.141.0 <=1.167.58) potentially affected by CVE-2026-45321 via @tanstack/vue-start-client (>=1.141.0 <=1.166.43)

@tanstack/vue-start-client NPM version =1.141.0, =1.141.0, =1.167.58 Source cves: CVE-2026-45321 Source advisory: SNYK:JS-TANSTACKVUESTARTCLIENT-16640254...

@tanstack/vue-start (>=1.141.0 <=1.167.58) potentially affected by CVE-2026-45321 via @tanstack/vue-start-server (>=1.141.0 <=1.166.5)

@tanstack/vue-start-server NPM version =1.141.0, =1.141.0, =1.167.58 Source cves: CVE-2026-45321 Source advisory: SNYK:JS-TANSTACKVUESTARTSERVER-16640255...