CVE-2026-45321 | tanstack arktype-adapter malicious code (ID 7383)

A vulnerability classified as critical has been found in tanstack arktype-adapter, eslint-plugin-router, eslint-plugin-start, history, nitro-v2-vite-plugin, react-router, react-router-devtools, react-router-ssr-query, react-start, react-start-client, react-start-rsc, react-start-server, router-cli, router-core, router-devtools, router-devtools-core, router-generator, router-plugin, router-ssr-query-core, router-utils, outer-vite-plugin, solid-router, solid-router-devtools, solid-router-ssr-query, solid-start, solid-start-client, solid-start-server, start-client-core, start-fn-stubs, start-plugin-core, start-server-core, start-static-server-functions, start-storage-context, valibot-adapter, virtual-file-routes, vue-router, vue-router-devtools, vue-router-ssr-query, vue-start, vue-start-client, vue-start-server and zod-adapter. Affected by this vulnerability is an unknown functionality. The manipulation leads to embedded malicious code.

This vulnerability is traded as CVE-2026-45321. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More