See the full list of npm packages compromised in the "TanStack Supply Chain Compromise - May 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- M
Directory TraversalCVE-2026-44996
Affects openclaw | Versions <2026.4.15-beta.1
Has fix
npmPublished 30 Apr 2026
Affects @validate-ethereum-address/core | Versions *
No fix available
npmPublished 29 Apr 2026
Affects @solana-launchpad/sdk | Versions *
No fix available
npmPublished 29 Apr 2026
Affects apple-internal-config | Versions *
No fix available
npmPublished 29 Apr 2026
Affects apple-infra-escape-audit | Versions *
No fix available
npmPublished 29 Apr 2026
Affects frank-newton3-db-final | Versions *
No fix available
npmPublished 29 Apr 2026
Affects internal-sys-audit-check | Versions *
No fix available
npmPublished 29 Apr 2026
Affects gcp-internal-research-poc | Versions *
No fix available
npmPublished 29 Apr 2026
Affects apple-app-store-server-library-poc | Versions *
No fix available
npmPublished 29 Apr 2026
Affects frank-newton3-final-audit | Versions *
No fix available
npmPublished 29 Apr 2026
Affects frank-newton3-user-hunt | Versions *
No fix available
npmPublished 29 Apr 2026
Affects apple-infra-stealth-audit | Versions *
No fix available
npmPublished 29 Apr 2026
Affects frank-newton3-db-poc | Versions *
No fix available
npmPublished 29 Apr 2026
- M
DNS RebindingCVE-2026-6874
Affects copilot-api | Versions *
No fix available
npmPublished 29 Apr 2026
- H
Prototype PollutionCVE-2026-42077
Affects @evomap/evolver | Versions <1.69.1
Has fix
npmPublished 29 Apr 2026
- H
Directory TraversalCVE-2026-42075
Affects @evomap/evolver | Versions <1.69.1
Has fix
npmPublished 29 Apr 2026
- C
Command InjectionCVE-2026-42076
Affects @evomap/evolver | Versions <1.69.1
Has fix
npmPublished 29 Apr 2026
Affects @chenglou/pretext | Versions <0.0.5
Has fix
npmPublished 29 Apr 2026