{"uuid": "20f593d0-ecdf-4b36-88f4-513c7d935311", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "GHSA-JGG6-4RPR-WFH7", "type": "seen", "source": "https://gist.github.com/alon710/2086198312b306686e313c1e5c4a662e", "content": "# GHSA-JGG6-4RPR-WFH7: GHSA-JGG6-4RPR-WFH7: Mistral AI SDK Supply Chain Compromise via Mini Shai-Hulud Worm\n\n> **CVSS Score:** 9.8\n> **Published:** 2026-05-18\n> **Full Report:** https://cvereports.com/reports/GHSA-JGG6-4RPR-WFH7\n\n## Summary\nA significant supply chain compromise affected official Mistral AI software development kits (SDKs) on both NPM and PyPI ecosystems. The incident involved an automated worm known as 'Mini Shai-Hulud' that leveraged stolen maintainer credentials to publish malicious packages containing secondary dropper payloads.\n\n## TL;DR\nMistral AI's official NPM and PyPI packages were compromised by the Mini Shai-Hulud worm via a developer's stolen session tokens. Malicious package versions containing secondary dropper scripts were published, requiring immediate dependency auditing and secret rotation.\n\n## Exploit Status: WEAPONIZED\n\n## Technical Details\n\n- **Attack Vector**: Supply Chain Compromise\n- **CWE ID**: CWE-506\n- **Impact**: Credential Theft / Arbitrary Code Execution\n- **Vulnerable Packages**: @mistralai/* (NPM), mistralai (PyPI)\n- **Threat Actor / Malware**: Mini Shai-Hulud Worm\n- **Primary Target**: Developer Environments\n\n## Affected Systems\n\n- Developer Workstations\n- CI/CD Pipelines\n- Automated Build Systems\n- **@mistralai/mistralai**: Versions published ~May 12, 2025 (Fixed in: `Latest post-May 12 versions`)\n- **@mistralai/mistralai-azure**: Versions published ~May 12, 2025 (Fixed in: `Latest post-May 12 versions`)\n- **@mistralai/mistralai-gcp**: Versions published ~May 12, 2025 (Fixed in: `Latest post-May 12 versions`)\n- **mistralai (PyPI)**: == 2.4.6 (Fixed in: `Latest post-May 12 versions`)\n\n## Mitigation\n\n- Dependency Auditing\n- Credential Rotation\n- Package Cache Purging\n- Behavioral Detection\n\n**Remediation Steps:**\n1. Audit package.json and requirements.txt for affected package versions.\n2. Remove malicious package versions from the environment.\n3. Execute 'npm cache clean --force' and clear pip caches.\n4. Update to the latest clean versions of the Mistral SDKs.\n5. Rotate all credentials, API keys, and SSO tokens present on affected systems, prioritizing MISTRAL_API_KEY.\n\n## References\n\n- [GHSA-JGG6-4RPR-WFH7 Advisory](https://github.com/advisories/GHSA-JGG6-4RPR-WFH7)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/GHSA-JGG6-4RPR-WFH7) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-05-18T19:10:51.000000Z"}