See the full list of npm packages compromised in the "TanStack Supply Chain Compromise - May 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
Affects @aadiam/ibiza-search | Versions *
No fix available
npmPublished 30 Aug 2023
- H
Prototype PollutionCVE-2025-3193
Affects algoliasearch-helper | Versions >=2.0.0-rc1 <3.11.2
Has fix
npmPublished 26 Sept 2025
- M
Prototype PollutionCVE-2021-23433
Affects algoliasearch-helper | Versions <3.6.2
Has fix
npmPublished 19 Nov 2021
Affects appdirect-universal-search | Versions =99.0.0
Has fix
npmPublished 8 Sept 2022
Affects azure-search-documents | Versions *
No fix available
npmPublished 30 Aug 2023
Affects @azure-tests/perf-search-documents | Versions *
No fix available
npmPublished 30 Aug 2023
Affects brave-research-participation-tool | Versions *
No fix available
npmPublished 30 Aug 2023
Affects @commercialsalesandmarketing/contact-search | Versions =1.0.1
Has fix
npmPublished 23 Jun 2022
Affects coveofordynamics-search-ui-seed | Versions =2.0.0
Has fix
npmPublished 6 Jun 2023
Affects @crowdstrike/logscale-search | Versions =1.205.1=1.205.2
Has fix
npmPublished 16 Sept 2025
Affects deep-search-exports-directory | Versions *
No fix available
npmPublished 11 Jan 2024
- M
Cross-site Scripting (XSS)CVE-2026-40201
Affects @diplodoc/search-extension | Versions >=1.0.0 <3.0.5
Has fix
npmPublished 10 May 2026
Affects dogwhohacks-research-security-do-not-install | Versions =1.0.7=1.0.8
Has fix
npmPublished 8 Sept 2022
Affects dwolla-algolia-search | Versions =50.50.60
Has fix
npmPublished 1 Mar 2023
- M
Cross-site Scripting (XSS)CVE-2020-7011
Affects @elastic/app-search-javascript | Versions <7.7.0
Has fix
npmPublished 4 Jun 2020
- M
Cross-site Scripting (XSS)CVE-2020-7011
Affects @elastic/app-search-node | Versions <7.7.0
Has fix
npmPublished 4 Jun 2020
Affects elasticsearch-client-specification | Versions *
No fix available
npmPublished 13 Jun 2024
Affects elasticsearch-logstashforwarder | Versions *
No fix available
npmPublished 30 Aug 2023
Affects elasticsearch-logstash_reporter | Versions *
No fix available
npmPublished 30 Aug 2023
Affects epic-ue-search | Versions =1.0.2=1.0.3=14.0.0=17.0.0=18.0.0
Has fix
npmPublished 8 Sept 2022
Affects eu.netherlands3d.address-search | Versions *
No fix available
npmPublished 11 Jun 2025