npm - easy-dep-graph - Versions diffs - 1.2.0 → 1.2.2 - Mend

easy-dep-graph 1.2.0 → 1.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/bin/index.js +1248 -0
package/package.json +4 -4

package/bin/index.js CHANGED Viewed

@@ -257,6 +257,1254 @@ const knownMaliciousPackages = [
         severity: 'high',
         description: 'Typosquat with crypto miner.',
     },
+    // === TanStack ecosystem compromise (May 2026) ===
+    // Malware in 42 @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys
+    // CVE-2026-45321: https://github.com/TanStack/router/security/advisories/GHSA-g7cv-rxg3-hmpx
+    {
+        name: '@tanstack/arktype-adapter',
+        badVersions: ['1.166.12', '1.166.15'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/eslint-plugin-router',
+        badVersions: ['1.161.9', '1.161.12'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/eslint-plugin-start',
+        badVersions: ['0.0.4', '0.0.7'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/history',
+        badVersions: ['1.161.9', '1.161.12'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/nitro-v2-vite-plugin',
+        badVersions: ['1.154.12', '1.154.15'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/react-router',
+        badVersions: ['1.169.5', '1.169.8'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/react-router-devtools',
+        badVersions: ['1.166.16', '1.166.19'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/react-router-ssr-query',
+        badVersions: ['1.166.15', '1.166.18'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/react-start',
+        badVersions: ['1.167.68', '1.167.71'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/react-start-client',
+        badVersions: ['1.166.51', '1.166.54'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/react-start-rsc',
+        badVersions: ['0.0.47', '0.0.50'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/react-start-server',
+        badVersions: ['1.166.55', '1.166.58'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/router-cli',
+        badVersions: ['1.166.46', '1.166.49'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/router-core',
+        badVersions: ['1.169.5', '1.169.8'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/router-devtools',
+        badVersions: ['1.166.16', '1.166.19'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/router-devtools-core',
+        badVersions: ['1.167.6', '1.167.9'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/router-generator',
+        badVersions: ['1.166.45', '1.166.48'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/router-plugin',
+        badVersions: ['1.167.38', '1.167.41'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/router-ssr-query-core',
+        badVersions: ['1.168.3', '1.168.6'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/router-utils',
+        badVersions: ['1.161.11', '1.161.14'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/router-vite-plugin',
+        badVersions: ['1.166.53', '1.166.56'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/solid-router',
+        badVersions: ['1.169.5', '1.169.8'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/solid-router-devtools',
+        badVersions: ['1.166.16', '1.166.19'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/solid-router-ssr-query',
+        badVersions: ['1.166.15', '1.166.18'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/solid-start',
+        badVersions: ['1.167.65', '1.167.68'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/solid-start-client',
+        badVersions: ['1.166.50', '1.166.53'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/solid-start-server',
+        badVersions: ['1.166.54', '1.166.57'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/start-client-core',
+        badVersions: ['1.168.5', '1.168.8'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/start-fn-stubs',
+        badVersions: ['1.161.9', '1.161.12'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/start-plugin-core',
+        badVersions: ['1.169.23', '1.169.26'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/start-server-core',
+        badVersions: ['1.167.33', '1.167.36'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/start-static-server-functions',
+        badVersions: ['1.166.44', '1.166.47'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/start-storage-context',
+        badVersions: ['1.166.38', '1.166.41'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/valibot-adapter',
+        badVersions: ['1.166.12', '1.166.15'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/virtual-file-routes',
+        badVersions: ['1.161.10', '1.161.13'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/vue-router',
+        badVersions: ['1.169.5', '1.169.8'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/vue-router-devtools',
+        badVersions: ['1.166.16', '1.166.19'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/vue-router-ssr-query',
+        badVersions: ['1.166.15', '1.166.18'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/vue-start',
+        badVersions: ['1.167.61', '1.167.64'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/vue-start-client',
+        badVersions: ['1.166.46', '1.166.49'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/vue-start-server',
+        badVersions: ['1.166.50', '1.166.53'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    {
+        name: '@tanstack/zod-adapter',
+        badVersions: ['1.166.12', '1.166.15'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Malware exfiltrates AWS/GCP credentials, GitHub tokens, SSH keys, and npm tokens. CVE-2026-45321.',
+    },
+    // === Mistral AI compromise (May 2026) ===
+    // Part of "Mini Shai-Hulud is back" worm by TeamPCP threat actor (GHSA-3q49-cfcf-g5fm)
+    {
+        name: '@mistralai/mistralai',
+        badVersions: ['2.2.2', '2.2.3', '2.2.4'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm. Steals credentials and propagates to accessed packages. Full system compromise. GHSA-3q49-cfcf-g5fm.',
+    },
+    {
+        name: '@mistralai/mistralai-azure',
+        badVersions: ['1.7.1', '1.7.2', '1.7.3'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm. Malware exfiltrates credentials and propagates to accessed packages.',
+    },
+    {
+        name: '@mistralai/mistralai-gcp',
+        badVersions: ['1.7.1', '1.7.2', '1.7.3'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm. Malware exfiltrates credentials and propagates to accessed packages.',
+    },
+    // === UIPath supply chain compromise (May 2026) ===
+    {
+        name: '@uipath/packager-tool-functions',
+        badVersions: ['0.1.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/docsai-tool',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/context-grounding-tool',
+        badVersions: ['0.1.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/apollo-core',
+        badVersions: ['5.9.2'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/flow-tool',
+        badVersions: ['1.0.2'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/maestro-tool',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/robot',
+        badVersions: ['1.3.4'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/integrationservice-tool',
+        badVersions: ['1.0.2'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/agent-tool',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/access-policy-sdk',
+        badVersions: ['0.3.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/rpa-tool',
+        badVersions: ['0.9.5'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/apollo-wind',
+        badVersions: ['2.16.2'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/widget.sdk',
+        badVersions: ['1.2.3'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/common',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/functions-tool',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/cli',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/test-manager-tool',
+        badVersions: ['1.0.2'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/packager-tool-apiworkflow',
+        badVersions: ['0.0.19'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/insights-sdk',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/rpa-legacy-tool',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/solution-packager',
+        badVersions: ['0.0.35'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/api-workflow-tool',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/resources-tool',
+        badVersions: ['0.1.11'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/ui-widgets-multi-file-upload',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/codedagents-tool',
+        badVersions: ['0.1.12'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/admin-tool',
+        badVersions: ['0.1.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/tool-workflowcompiler',
+        badVersions: ['0.0.12'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/telemetry',
+        badVersions: ['0.0.7'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/resourcecatalog-tool',
+        badVersions: ['0.1.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/aops-policy-tool',
+        badVersions: ['0.3.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/identity-tool',
+        badVersions: ['0.1.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/packager-tool-bpmn',
+        badVersions: ['0.0.9'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/case-tool',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/ap-chat',
+        badVersions: ['1.5.7'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/solutionpackager-sdk',
+        badVersions: ['1.0.11'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/agent-sdk',
+        badVersions: ['1.0.2'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/vss',
+        badVersions: ['0.1.6'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/solution-tool',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/maestro-sdk',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/packager-tool-workflowcompiler',
+        badVersions: ['0.0.16'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/data-fabric-tool',
+        badVersions: ['1.0.2'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/project-packager',
+        badVersions: ['1.1.16'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/orchestrator-tool',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/packager-tool-connector',
+        badVersions: ['0.0.19'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/tasks-tool',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/packager-tool-flow',
+        badVersions: ['0.0.19'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/integrationservice-sdk',
+        badVersions: ['1.0.2'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/solutionpackager-tool-core',
+        badVersions: ['0.0.34'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/vertical-solutions-tool',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/insights-tool',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/auth',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/llmgw-tool',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/packager-tool-workflowcompiler-browser',
+        badVersions: ['0.0.34'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/platform-tool',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/codedagent-tool',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/codedapp-tool',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/resource-tool',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/gov-tool',
+        badVersions: ['0.3.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/access-policy-tool',
+        badVersions: ['0.3.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/packager-tool-case',
+        badVersions: ['0.0.9'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/packager-tool-webapp',
+        badVersions: ['1.0.6'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/traces-tool',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/filesystem',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/uipath-python-bridge',
+        badVersions: ['1.0.1'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/apollo-react',
+        badVersions: ['4.24.5'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@uipath/agent.sdk',
+        badVersions: ['0.0.18'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    // === ML Toolkit compromise (May 2026) ===
+    {
+        name: '@ml-toolkit-ts/xgboost',
+        badVersions: ['1.0.3', '1.0.4'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: 'ml-toolkit-ts',
+        badVersions: ['1.0.4', '1.0.5'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@ml-toolkit-ts/preprocessing',
+        badVersions: ['1.0.2', '1.0.3'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    // === Other ecosystem compromises (May 2026) ===
+    {
+        name: '@supersurkhet/cli',
+        badVersions: ['0.0.2', '0.0.3', '0.0.4', '0.0.5', '0.0.6', '0.0.7'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@supersurkhet/sdk',
+        badVersions: ['0.0.2', '0.0.3', '0.0.4', '0.0.5', '0.0.6', '0.0.7'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@taskflow-corp/cli',
+        badVersions: ['0.1.24', '0.1.25', '0.1.26', '0.1.27', '0.1.28', '0.1.29'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: 'safe-action',
+        badVersions: ['0.8.3', '0.8.4'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@draftlab/auth',
+        badVersions: ['0.24.1', '0.24.2'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@draftlab/auth-router',
+        badVersions: ['0.5.1', '0.5.2'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@draftlab/db',
+        badVersions: ['0.16.1', '0.16.2'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@tolka/cli',
+        badVersions: ['1.0.2', '1.0.3', '1.0.4', '1.0.5', '1.0.6'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@dirigible-ai/sdk',
+        badVersions: ['0.6.2', '0.6.3'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@beproduct/nestjs-auth',
+        badVersions: [
+            '0.1.2',
+            '0.1.3',
+            '0.1.4',
+            '0.1.5',
+            '0.1.6',
+            '0.1.7',
+            '0.1.8',
+            '0.1.9',
+            '0.1.10',
+            '0.1.11',
+            '0.1.12',
+            '0.1.13',
+            '0.1.14',
+            '0.1.15',
+            '0.1.16',
+            '0.1.17',
+            '0.1.18',
+            '0.1.19',
+        ],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: 'cmux-agent-mcp',
+        badVersions: ['0.1.3', '0.1.4', '0.1.5', '0.1.6', '0.1.7', '0.1.8'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: 'git-branch-selector',
+        badVersions: ['1.3.3', '1.3.4', '1.3.5', '1.3.6', '1.3.7'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: 'agentwork-cli',
+        badVersions: ['0.1.4', '0.1.5'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@draftauth/core',
+        badVersions: ['0.13.1', '0.13.2'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@draftauth/client',
+        badVersions: ['0.2.1', '0.2.2'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: 'git-git-git',
+        badVersions: ['1.0.8', '1.0.9', '1.0.10', '1.0.11', '1.0.12'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: 'nextmove-mcp',
+        badVersions: ['0.1.3', '0.1.4', '0.1.5', '0.1.6', '0.1.7'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: 'cross-stitch',
+        badVersions: ['1.1.3', '1.1.4', '1.1.5', '1.1.6', '1.1.7'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    // === Squawk ecosystem compromise (May 2026) ===
+    {
+        name: '@squawk/fix-data',
+        badVersions: ['0.6.4', '0.6.5', '0.6.6', '0.6.7', '0.6.8'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@squawk/weather',
+        badVersions: ['0.5.6', '0.5.7', '0.5.8', '0.5.9', '0.5.10'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@squawk/icao-registry-data',
+        badVersions: ['0.8.4', '0.8.5', '0.8.6', '0.8.7', '0.8.8'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@squawk/airport-data',
+        badVersions: ['0.7.4', '0.7.5', '0.7.6', '0.7.7', '0.7.8'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@squawk/flightplan',
+        badVersions: ['0.5.2', '0.5.3', '0.5.4', '0.5.5', '0.5.6'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@squawk/units',
+        badVersions: ['0.4.3', '0.4.4', '0.4.5', '0.4.6', '0.4.7'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@squawk/flight-math',
+        badVersions: ['0.5.4', '0.5.5', '0.5.6', '0.5.7', '0.5.8'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@squawk/fixes',
+        badVersions: ['0.3.2', '0.3.3', '0.3.4', '0.3.5', '0.3.6'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@squawk/airspace-data',
+        badVersions: ['0.5.3', '0.5.4', '0.5.5', '0.5.6', '0.5.7'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@squawk/procedure-data',
+        badVersions: ['0.7.3', '0.7.4', '0.7.5', '0.7.6', '0.7.7'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@squawk/navaids',
+        badVersions: ['0.4.2', '0.4.3', '0.4.4', '0.4.5', '0.4.6'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@squawk/notams',
+        badVersions: ['0.3.6', '0.3.7', '0.3.8', '0.3.9', '0.3.10'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@squawk/airways',
+        badVersions: ['0.4.2', '0.4.3', '0.4.4', '0.4.5', '0.4.6'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@squawk/airports',
+        badVersions: ['0.6.2', '0.6.3', '0.6.4', '0.6.5', '0.6.6'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@squawk/icao-registry',
+        badVersions: ['0.5.2', '0.5.3', '0.5.4', '0.5.5', '0.5.6'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@squawk/airspace',
+        badVersions: ['0.8.1', '0.8.2', '0.8.3', '0.8.4', '0.8.5'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@squawk/geo',
+        badVersions: ['0.4.4', '0.4.5', '0.4.6', '0.4.7', '0.4.8'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@squawk/navaid-data',
+        badVersions: ['0.6.4', '0.6.5', '0.6.6', '0.6.7', '0.6.8'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@squawk/airway-data',
+        badVersions: ['0.5.4', '0.5.5', '0.5.6', '0.5.7', '0.5.8'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@squawk/mcp',
+        badVersions: ['0.9.1', '0.9.2', '0.9.3', '0.9.4', '0.9.5'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@squawk/procedures',
+        badVersions: ['0.5.2', '0.5.3', '0.5.4', '0.5.5', '0.5.6'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@squawk/types',
+        badVersions: ['0.8.1', '0.8.2', '0.8.3', '0.8.4', '0.8.5'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    // === Additional compromise (May 2026) ===
+    {
+        name: 'ts-dna',
+        badVersions: ['3.0.1', '3.0.2', '3.0.3', '3.0.4', '3.0.5'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    // === TallyUI ecosystem compromise (May 2026) ===
+    {
+        name: '@tallyui/pos',
+        badVersions: ['0.1.1', '0.1.2', '0.1.3'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@tallyui/connector-vendure',
+        badVersions: ['1.0.1', '1.0.2', '1.0.3'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@tallyui/connector-shopify',
+        badVersions: ['1.0.1', '1.0.2', '1.0.3'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@tallyui/components',
+        badVersions: ['1.0.1', '1.0.2', '1.0.3'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@tallyui/theme',
+        badVersions: ['0.2.1', '0.2.2', '0.2.3'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: 'wot-api',
+        badVersions: ['0.8.1', '0.8.2', '0.8.3', '0.8.4'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@tallyui/storage-sqlite',
+        badVersions: ['0.2.1', '0.2.2', '0.2.3'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@tallyui/connector-woocommerce',
+        badVersions: ['1.0.1', '1.0.2', '1.0.3'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@tallyui/database',
+        badVersions: ['1.0.1', '1.0.2', '1.0.3'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@tallyui/connector-medusa',
+        badVersions: ['1.0.1', '1.0.2', '1.0.3'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@tallyui/core',
+        badVersions: ['0.2.1', '0.2.2', '0.2.3'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    // === Mesa/MesaDev compromise (May 2026) ===
+    {
+        name: '@mesadev/saguaro',
+        badVersions: ['0.4.22'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@mesadev/sdk',
+        badVersions: ['0.28.3'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    {
+        name: '@mesadev/rest',
+        badVersions: ['0.28.3'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    // === OpenSearch compromise (May 2026) ===
+    {
+        name: '@opensearch-project/opensearch',
+        badVersions: ['3.5.3', '3.6.2', '3.7.0', '3.8.0'],
+        severity: 'critical',
+        description: 'Compromised (May 2026). Part of "Mini Shai-Hulud is back" worm.',
+    },
+    // === Red Hat npm packages compromise (June 1, 2026) - Miasma variant ===
+    // 32 packages compromised via GitHub Actions OIDC trusted publishing bypass
+    // Malware steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys, Kubernetes tokens
+    // 116,991 weekly downloads affected
+    {
+        name: '@redhat-cloud-services/chrome',
+        badVersions: ['2.3.1', '2.3.2'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/compliance-client',
+        badVersions: ['4.0.3', '4.0.4'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/config-manager-client',
+        badVersions: ['5.0.4', '5.0.5'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/entitlements-client',
+        badVersions: ['4.0.11', '4.0.12'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/eslint-config-redhat-cloud-services',
+        badVersions: ['3.2.1', '3.2.2'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/frontend-components',
+        badVersions: ['7.7.2', '7.7.3'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/frontend-components-advisor-components',
+        badVersions: ['3.8.2'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/frontend-components-config',
+        badVersions: ['6.11.3', '6.11.4'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/frontend-components-config-utilities',
+        badVersions: ['4.11.2', '4.11.3'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/frontend-components-notifications',
+        badVersions: ['6.9.2', '6.9.3'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/frontend-components-remediations',
+        badVersions: ['4.9.2', '4.9.3'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/frontend-components-testing',
+        badVersions: ['1.2.1', '1.2.2'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/frontend-components-translations',
+        badVersions: ['4.4.1', '4.4.2'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/frontend-components-utilities',
+        badVersions: ['7.4.1', '7.4.2'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/hcc-feo-mcp',
+        badVersions: ['0.3.1', '0.3.2'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/hcc-kessel-mcp',
+        badVersions: ['0.3.1', '0.3.2'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/hcc-pf-mcp',
+        badVersions: ['0.6.1', '0.6.2'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/host-inventory-client',
+        badVersions: ['5.0.3', '5.0.4'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/insights-client',
+        badVersions: ['4.0.4', '4.0.5'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/integrations-client',
+        badVersions: ['6.0.4', '6.0.5'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/javascript-clients-shared',
+        badVersions: ['2.0.8', '2.0.9'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/notifications-client',
+        badVersions: ['6.1.4', '6.1.5'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/patch-client',
+        badVersions: ['4.0.4', '4.0.5'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/quickstarts-client',
+        badVersions: ['4.0.11', '4.0.12'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/rbac-client',
+        badVersions: ['9.0.3', '9.0.4'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/remediations-client',
+        badVersions: ['4.0.4', '4.0.5'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/rule-components',
+        badVersions: ['4.7.2', '4.7.3'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/sources-client',
+        badVersions: ['3.0.10', '3.0.11'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/topological-inventory-client',
+        badVersions: ['3.0.10', '3.0.11'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/tsc-transform-imports',
+        badVersions: ['1.2.2'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/types',
+        badVersions: ['3.6.1', '3.6.2', '3.6.4'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
+    {
+        name: '@redhat-cloud-services/vulnerabilities-client',
+        badVersions: ['2.1.8', '2.1.9'],
+        severity: 'critical',
+        description: 'Compromised (Jun 1, 2026). Miasma variant stealing credentials. GitHub Actions OIDC bypass. Steals AWS/GCP/Azure credentials, GitHub tokens, npm tokens, SSH keys.',
+    },
 ];
 void (async function main() {
     // Check if peer dependencies mode

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "easy-dep-graph",
-  "version": "1.2.0",
+  "version": "1.2.2",
   "description": "Easily see the dependency graph of your npm project",
   "homepage": "https://github.com/danisss9/easy-dep-graph#readme",
   "repository": {
@@ -61,14 +61,14 @@
     "fastify": "^5.8.5",
     "mustache": "^4.2.0",
     "open": "^11.0.0",
-    "semver": "^7.7.4",
+    "semver": "^7.8.0",
     "shelljs": "^0.10.0"
   },
   "devDependencies": {
     "@types/mustache": "^4.2.6",
-    "@types/node": "^25.6.0",
+    "@types/node": "^25.9.0",
     "@types/semver": "^7.7.1",
     "@types/shelljs": "^0.10.0",
-    "typescript": "^6.0.2"
+    "typescript": "^6.0.3"
   }
 }