Common Weakness Enumeration

CWE-506

Allowed-with-Review

Embedded Malicious Code

Abstraction: Class · Status: Incomplete

The product contains code that appears to be malicious in nature.

525 vulnerabilities reference this CWE, most recent first.

GHSA-J68R-23HJ-XF9C

Vulnerability from github – Published: 2018-10-10 17:28 – Updated: 2023-09-07 20:36
VLAI
Summary
node-openssl is malware
Details

The node-openssl package is a piece of malware that steals environment variables and sends them to attacker controlled locations.

All versions have been unpublished from the npm registry.

Recommendation

As this package is malware, if you find it installed in your environment, the real security concern is determining how it got there.

If you have found this installed in your environment, you should: 1. Delete the package 2. Clear your npm cache 3. Ensure it is not present in any other package.json files on your system 4. Regenerate your registry credentials, tokens, and any other sensitive credentials that may have been present in your environment variables.

Additionally, any service which may have been exposed via credentials in your environment variables, such as a database, should be reviewed for indicators of compromise as well.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "node-openssl"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.0.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2017-16064"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-506"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:42:11Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "The `node-openssl` package is a piece of malware that steals environment variables and sends them to attacker controlled locations. \n\nAll versions have been unpublished from the npm registry.\n\n\n## Recommendation\n\n\nAs this package is malware, if you find it installed in your environment, the real security concern is determining how it got there. \n\nIf you have found this installed in your environment, you should:\n1. Delete the package\n2. Clear your npm cache\n3. Ensure it is not present in any other package.json files on your system\n4. Regenerate your registry credentials, tokens, and any other sensitive credentials that may have been present in your environment variables. \n\nAdditionally, any service which may have been exposed via credentials in your environment variables, such as a database, should be reviewed for indicators of compromise as well.",
  "id": "GHSA-j68r-23hj-xf9c",
  "modified": "2023-09-07T20:36:05Z",
  "published": "2018-10-10T17:28:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16064"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-j68r-23hj-xf9c"
    },
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/advisories/503"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "node-openssl is malware"
}

GHSA-J6X7-42X2-HPCF

Vulnerability from github – Published: 2020-09-03 22:14 – Updated: 2021-09-29 21:15
VLAI
Summary
Malicious Package in buffer-xoz
Details

Version 2.0.2 contained malicious code. The package targeted the Ethereum cryptocurrency and performed transactions to wallets not controlled by the user.

Recommendation

Remove the package from your environment. Ensure no Ethereum funds were compromised.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "buffer-xoz"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-506"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-08-31T18:52:30Z",
    "nvd_published_at": null,
    "severity": "CRITICAL"
  },
  "details": "Version 2.0.2 contained malicious code. The package targeted the Ethereum cryptocurrency and performed transactions to wallets not controlled by the user.\n\n\n## Recommendation\n\nRemove the package from your environment. Ensure no Ethereum funds were compromised.",
  "id": "GHSA-j6x7-42x2-hpcf",
  "modified": "2021-09-29T21:15:09Z",
  "published": "2020-09-03T22:14:20Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/advisories/1253"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Malicious Package in buffer-xoz"
}

GHSA-J866-8VXX-27HX

Vulnerability from github – Published: 2018-08-29 23:43 – Updated: 2023-09-08 23:02
VLAI
Summary
nodemailer.js is malware
Details

The nodemailer.js package is a piece of malware that steals environment variables and sends them to attacker controlled locations.

All versions have been unpublished from the npm registry.

Recommendation

As this package is malware, if you find it installed in your environment, the real security concern is determining how it got there.

If you have found this installed in your environment, you should: 1. Delete the package 2. Clear your npm cache 3. Ensure it is not present in any other package.json files on your system 4. Regenerate your registry credentials, tokens, and any other sensitive credentials that may have been present in your environment variables.

Additionally, any service which may have been exposed via credentials in your environment variables, such as a database, should be reviewed for indicators of compromise as well.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "nodemailer.js"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.0.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2017-16072"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-506"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:42:35Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "The `nodemailer.js` package is a piece of malware that steals environment variables and sends them to attacker controlled locations. \n\nAll versions have been unpublished from the npm registry.\n\n\n## Recommendation\n\nAs this package is malware, if you find it installed in your environment, the real security concern is determining how it got there. \n\nIf you have found this installed in your environment, you should:\n1. Delete the package\n2. Clear your npm cache\n3. Ensure it is not present in any other package.json files on your system\n4. Regenerate your registry credentials, tokens, and any other sensitive credentials that may have been present in your environment variables. \n\nAdditionally, any service which may have been exposed via credentials in your environment variables, such as a database, should be reviewed for indicators of compromise as well.",
  "id": "GHSA-j866-8vxx-27hx",
  "modified": "2023-09-08T23:02:21Z",
  "published": "2018-08-29T23:43:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16072"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-j866-8vxx-27hx"
    },
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/advisories/511"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "nodemailer.js is malware"
}

GHSA-J899-348X-H3RQ

Vulnerability from github – Published: 2020-09-03 19:57 – Updated: 2021-09-30 20:27
VLAI
Summary
Malicious Package in serializes
Details

This package contained malicious code. The package uploaded system information such as OS and hostname to a remote server.

Recommendation

Remove the package from your environment. There are no indications of further compromise.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "serializes"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-506"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-08-31T18:48:41Z",
    "nvd_published_at": null,
    "severity": "CRITICAL"
  },
  "details": "This package contained malicious code. The package uploaded system information such as OS and hostname to a remote server.\n\n\n## Recommendation\n\nRemove the package from your environment. There are no indications of further compromise.",
  "id": "GHSA-j899-348x-h3rq",
  "modified": "2021-09-30T20:27:53Z",
  "published": "2020-09-03T19:57:54Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/advisories/1139"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Malicious Package in serializes"
}

GHSA-J8HW-49GG-VQ3W

Vulnerability from github – Published: 2020-09-03 17:45 – Updated: 2021-09-30 20:00
VLAI
Summary
Malicious Package in retcodelog
Details

All versions of retcodelog contain malicious code. The package uploads system information to a remote server, downloads a file and executes it.

Recommendation

Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer.

The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "retcodelog"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-506"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-08-31T18:45:51Z",
    "nvd_published_at": null,
    "severity": "CRITICAL"
  },
  "details": "All versions of `retcodelog` contain malicious code. The package uploads system information to a remote server, downloads a file and executes it.\n\n\n## Recommendation\n\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer.\n\nThe package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.",
  "id": "GHSA-j8hw-49gg-vq3w",
  "modified": "2021-09-30T20:00:58Z",
  "published": "2020-09-03T17:45:41Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/advisories/1061"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Malicious Package in retcodelog"
}

GHSA-JCHG-G94R-64QG

Vulnerability from github – Published: 2020-09-03 19:50 – Updated: 2021-09-30 20:20
VLAI
Summary
Malicious Package in mogobd
Details

This package contained malicious code. The package uploaded system information such as OS and hostname to a remote server.

Recommendation

Remove the package from your environment. There are no indications of further compromise.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "mogobd"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-506"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-08-31T18:48:25Z",
    "nvd_published_at": null,
    "severity": "CRITICAL"
  },
  "details": "This package contained malicious code. The package uploaded system information such as OS and hostname to a remote server.\n\n\n## Recommendation\n\nRemove the package from your environment. There are no indications of further compromise.",
  "id": "GHSA-jchg-g94r-64qg",
  "modified": "2021-09-30T20:20:03Z",
  "published": "2020-09-03T19:50:10Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/advisories/1132"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Malicious Package in mogobd"
}

GHSA-JCMH-9FVM-J39W

Vulnerability from github – Published: 2020-09-03 19:42 – Updated: 2021-09-30 20:13
VLAI
Summary
Malicious Package in body-parse-xml
Details

This package contained malicious code. The package uploaded system information such as OS and hostname to a remote server.

Recommendation

Remove the package from your environment. There are no indications of further compromise.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "body-parse-xml"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-506"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-08-31T18:48:08Z",
    "nvd_published_at": null,
    "severity": "CRITICAL"
  },
  "details": "This package contained malicious code. The package uploaded system information such as OS and hostname to a remote server.\n\n\n## Recommendation\n\nRemove the package from your environment. There are no indications of further compromise.",
  "id": "GHSA-jcmh-9fvm-j39w",
  "modified": "2021-09-30T20:13:39Z",
  "published": "2020-09-03T19:42:23Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/advisories/1125"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Malicious Package in body-parse-xml"
}

GHSA-JF8X-WG7F-P3W8

Vulnerability from github – Published: 2020-09-03 18:22 – Updated: 2021-09-30 20:05
VLAI
Summary
Malicious Package in cage-js
Details

All versions of cage-js contains malicious code. The malware downloads and runs a script from a remote server as a postinstall script.

Recommendation

Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer.

The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "cage-js"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-506"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-08-31T18:46:46Z",
    "nvd_published_at": null,
    "severity": "CRITICAL"
  },
  "details": "All versions of `cage-js`  contains malicious code. The malware downloads and runs a script from a remote server as a postinstall script.\n\n\n## Recommendation\n\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer.\n\nThe package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.",
  "id": "GHSA-jf8x-wg7f-p3w8",
  "modified": "2021-09-30T20:05:28Z",
  "published": "2020-09-03T18:22:33Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/advisories/1085"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Malicious Package in cage-js"
}

GHSA-JFX5-7MR2-G8HG

Vulnerability from github – Published: 2020-09-03 17:31 – Updated: 2021-09-30 18:35
VLAI
Summary
Malicious Package in alico
Details

All versions of alico contain malicious code. The package uploads system information to a remote server, downloads a file and executes it.

Recommendation

Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer.

The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "alico"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-506"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-08-31T18:45:22Z",
    "nvd_published_at": null,
    "severity": "CRITICAL"
  },
  "details": "All versions of `alico` contain malicious code. The package uploads system information to a remote server, downloads a file and executes it.\n\n\n## Recommendation\n\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer.\n\nThe package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.",
  "id": "GHSA-jfx5-7mr2-g8hg",
  "modified": "2021-09-30T18:35:26Z",
  "published": "2020-09-03T17:31:41Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/advisories/1047"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Malicious Package in alico"
}

GHSA-JGG6-4RPR-WFH7

Vulnerability from github – Published: 2026-05-18 17:55 – Updated: 2026-05-18 17:55
VLAI
Summary
Broken dropper in @mistralai/mistralai, @mistralai/mistralai-azure, @mistralai/mistralai-gcp
Details

Mistral npm @mistralai/mistralai, @mistralai/mistralai-azure, @mistralai/mistralai-gcp were compromised by a supply chain attack related to the TanStack security incident. An automated worm associated with the attack led to compromised npm package versions being published.

Current investigation indicates that an affected developer device was involved. We have no indication that Mistral infrastructure was compromised. The compromised versions were removed from npm. They were available only between May 11 at 22\:45 UTC and May 12 at 01\:53 UTC. Previous and later versions are not affected by this advisory.

Impact

The dropper is broken, it has no impact. - setup.mjs references tanstack_runner.js but the payload file is named router_init.js - execFileSync throws ENOENT and the tmpdir is wiped before payload runs. Bun gets downloaded to a tmpdir but no payload execution.

We still recommend removing the packages, see below for remediation.

Check whether you are affected

You are affected if one of the package versions above was installed in any environment during the exposure window or is present in a lockfile, build artifact, container image, package cache, or deployment image.

Package Affected versions
@mistralai/mistralai 2.2.2, 2.2.3, 2.2.4
@mistralai/mistralai-azure 1.7.1, 1.7.2, 1.7.3
@mistralai/mistralai-gcp 1.7.1, 1.7.2, 1.7.3

Check installed versions:

npm ls @mistralai/mistralai @mistralai/mistralai-azure @mistralai/mistralai-gcp
grep -n -A 4 -B 2 -E '@mistralai/(mistralai|mistralai-azure|mistralai-gcp)|2\.2\.[2-4]|1\.7\.[1-3]' \
  package-lock.json pnpm-lock.yaml yarn.lock 2>/dev/null

Look for any of the following files - router_init.js (embedded in all @tanstack packages): ab4fcadaec49c03278063dd269ea5eef82d24f2124a8e15d7b90f2fa8601266c - tanstack_runner.js (from git commit): 2ec78d556d696e208927cc503d48e4b5eb56b31abc2870c2ed2e98d6be27fc96 - @tanstack/setup package.json: 7c12d8614c624c70d6dd6fc2ee289332474abaa38f70ebe2cdef064923ca3a9b

You may also run this (read-only) script that will automatically flag known malicious files.

You are not affected by this advisory if you did not install the affected package versions and they are not present in your lockfiles, build caches, deployment artifacts, or package mirrors.

If the command finds an affected version, continue with the remediation steps below. If you use private package mirrors, caches, or container base images, check those copies too.

Remediate affected systems

  1. Stop using the affected package version immediately.
  2. Clean systems where one of this package has been installed.
Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "@mistralai/mistralai"
      },
      "versions": [
        "2.2.2"
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "@mistralai/mistralai-azure"
      },
      "versions": [
        "1.7.1"
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "@mistralai/mistralai-gcp"
      },
      "versions": [
        "1.7.1"
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "@mistralai/mistralai"
      },
      "versions": [
        "2.2.3"
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "@mistralai/mistralai"
      },
      "versions": [
        "2.2.4"
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "@mistralai/mistralai-azure"
      },
      "versions": [
        "1.7.2"
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "@mistralai/mistralai-azure"
      },
      "versions": [
        "1.7.3"
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "@mistralai/mistralai-gcp"
      },
      "versions": [
        "1.7.2"
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "@mistralai/mistralai-gcp"
      },
      "versions": [
        "1.7.3"
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-506"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-18T17:55:53Z",
    "nvd_published_at": null,
    "severity": "LOW"
  },
  "details": "Mistral npm `@mistralai/mistralai`, `@mistralai/mistralai-azure`, `@mistralai/mistralai-gcp` were compromised by a supply chain attack related to the [TanStack security incident](https://github.com/TanStack/router/security/advisories/GHSA-g7cv-rxg3-hmpx). An automated worm associated with the attack led to **compromised npm package versions being published**.\n\nCurrent investigation indicates that an affected developer device was involved. We have no indication that Mistral infrastructure was compromised. The compromised versions were removed from npm. They were available only between May 11 at 22\\:45 UTC and May 12 at 01\\:53 UTC. **Previous and later versions are not affected by this advisory**.\n\n## Impact\n\nThe dropper **is broken**, it has no impact. \n- `setup.mjs` references `tanstack_runner.js` but the payload file is named `router_init.js`\n    - `execFileSync` throws `ENOENT` and the tmpdir is wiped before payload runs. Bun gets downloaded to a tmpdir but no payload execution.\n\nWe still recommend removing the packages, see below for remediation.\n\n## Check whether you are affected\n\nYou are affected if one of the package versions above was installed in any environment **during the exposure window** or is present in a lockfile, build artifact, container image, package cache, or deployment image.\n\n| Package | Affected versions |\n|---|---|\n| `@mistralai/mistralai` | `2.2.2`, `2.2.3`, `2.2.4` |\n| `@mistralai/mistralai-azure` | `1.7.1`, `1.7.2`, `1.7.3` |\n| `@mistralai/mistralai-gcp` | `1.7.1`, `1.7.2`, `1.7.3` |\n\nCheck installed versions:\n\n```bash\nnpm ls @mistralai/mistralai @mistralai/mistralai-azure @mistralai/mistralai-gcp\ngrep -n -A 4 -B 2 -E \u0027@mistralai/(mistralai|mistralai-azure|mistralai-gcp)|2\\.2\\.[2-4]|1\\.7\\.[1-3]\u0027 \\\n  package-lock.json pnpm-lock.yaml yarn.lock 2\u003e/dev/null\n```\n\nLook for any of the following files\n- `router_init.js` (embedded in all @tanstack packages): `ab4fcadaec49c03278063dd269ea5eef82d24f2124a8e15d7b90f2fa8601266c`\n- `tanstack_runner.js` (from git commit): `2ec78d556d696e208927cc503d48e4b5eb56b31abc2870c2ed2e98d6be27fc96`\n- `@tanstack/setup` package.json: `7c12d8614c624c70d6dd6fc2ee289332474abaa38f70ebe2cdef064923ca3a9b`\n\nYou may also run this (read-only) [script](https://gist.github.com/beowolx2/a3ceeb18d1f1cec977d5cc6eaf41c96a) that will automatically flag known malicious files.\n\nYou are not affected by this advisory if you did not install the affected package versions and they are not present in your lockfiles, build caches, deployment artifacts, or package mirrors.\n\nIf the command finds an affected version, continue with the [remediation steps below](#remediate-affected-systems). If you use private package mirrors, caches, or container base images, check those copies too.\n\n## Remediate affected systems\n\n1. Stop using the affected package version immediately.\n2. Clean systems where one of this package has been installed.",
  "id": "GHSA-jgg6-4rpr-wfh7",
  "modified": "2026-05-18T17:55:53Z",
  "published": "2026-05-18T17:55:53Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/mistralai/client-ts/security/advisories/GHSA-jgg6-4rpr-wfh7"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/mistralai/client-ts"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Broken dropper in @mistralai/mistralai, @mistralai/mistralai-azure, @mistralai/mistralai-gcp"
}

Mitigation
Implementation Operation

Remove the malicious code and start an effort to ensure that no more malicious code exists. This may require a detailed review of all code, as it is possible to hide a serious attack in only one or two lines of code. These lines may be located almost anywhere in an application and may have been intentionally obfuscated by the attacker.

CAPEC-442: Infected Software

An adversary adds malicious logic, often in the form of a computer virus, to otherwise benign software. This logic is often hidden from the user of the software and works behind the scenes to achieve negative impacts. Many times, the malicious logic is inserted into empty space between legitimate code, and is then called when the software is executed. This pattern of attack focuses on software already fielded and used in operation as opposed to software that is still under development and part of the supply chain.

CAPEC-448: Embed Virus into DLL

An adversary tampers with a DLL and embeds a computer virus into gaps between legitimate machine instructions. These gaps may be the result of compiler optimizations that pad memory blocks for performance gains. The embedded virus then attempts to infect any machine which interfaces with the product, and possibly steal private data or eavesdrop.

CAPEC-636: Hiding Malicious Data or Code within Files

Files on various operating systems can have a complex format which allows for the storage of other data, in addition to its contents. Often this is metadata about the file, such as a cached thumbnail for an image file. Unless utilities are invoked in a particular way, this data is not visible during the normal use of the file. It is possible for an attacker to store malicious data or code using these facilities, which would be difficult to discover.