Overview · TanStack/router · GitHub

Security

No security policy detected

This project has not set up a SECURITY.md file yet.

Report a vulnerability

Malware in 42 @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys
GHSA-g7cv-rxg3-hmpx published May 11, 2026 by tannerlinsley

Critical
Inbound server-function request deserialization could invoke a sibling client-referenced server function
GHSA-9m65-766c-r333 published May 8, 2026 by tannerlinsley

Moderate

Learn more about advisories related to TanStack/router in the GitHub Advisory Database