CVE-2026-45321

This repository provides a detection script for the TanStack supply chain compromise (CVE-2026-45321), checking for indicators of compromise (IOCs) such as malicious files, processes, and network connections. It does not contain exploit code but helps identify compromised systems.

This repository contains a zero-dependency CLI scanner for detecting compromised npm and PyPI packages, specifically targeting the Mini Shai-Hulud supply chain attack (CVE-2026-45321). It scans lockfiles, system IOCs, and outputs findings in multiple formats (text, JSON, SARIF).

This repository contains a GitHub Action and associated scripts designed to scan for compromised dependencies in TanStack projects, focusing on detecting known vulnerabilities (e.g., GHSA-g7cv-rxg3-hmpx). It includes workflows for automated checks, Docker support, and release management, but does not contain exploit code.

This repository contains a scanner for detecting indicators of compromise related to the Mini Shai-Hulud supply chain worm (CVE-2026-45321). It checks for malicious npm/PyPI packages, persistence mechanisms, payload files, and C2 traffic without executing any exploit code.

This repository contains a scanner tool for detecting indicators of CVE-2026-45321 in TanStack Router projects. It checks for vulnerable package versions, suspicious files, and dependencies but does not include exploit code.

This repository provides a scanner for detecting indicators of compromise (IOCs) related to the Mini Shai-Hulud supply chain worm (CVE-2026-45321). It performs diagnostic checks for worm artifacts, persistence hooks, malicious files, compromised packages, and network IOCs, with full transparency and user approval for each step.

This repository contains a Bash script designed to scan systems for indicators of compromise (IOCs) related to CVE-2026-45321, a supply chain attack affecting npm and PyPI packages. The script checks for malicious files, persistence mechanisms, C2 infrastructure, and compromised packages.

This repository provides a read-only scanner to detect the presence of malicious versions of TanStack npm packages affected by CVE-2026-45321. It checks lockfiles, package manifests, and node_modules for known malicious versions and indicators of compromise.

This repository contains a detection script for the TanStack supply chain compromise (CVE-2026-45321), which scans for compromised packages, payload files, and persistence artifacts. It does not include exploit code but provides a comprehensive scanner for identifying indicators of compromise.