GHSA-jgg6-4rpr-wfh7: Broken dropper in @mistralai/mistralai, @mistralai/mistralai-azure, @mistralai/mistralai-gcp
Summary
Three Mistral AI npm packages (@mistralai/mistralai, @mistralai/mistralai-azure, @mistralai/mistralai-gcp) were compromised in a supply chain attack (where malicious code is inserted into legitimate software dependencies) between May 11 and 12. However, the malicious code, called a dropper (a program designed to download and execute harmful payloads), was broken and failed to run because it referenced the wrong filename. The affected versions have been removed from npm.
Solution / Mitigation
1. Stop using the affected package versions immediately: 2.2.2, 2.2.3 and 2.2.4 of @mistralai/mistralai; 1.7.1, 1.7.2 and 1.7.3 of @mistralai/mistralai-azure and @mistralai/mistralai-gcp.
2. Clean systems where these packages were installed. Check your installed versions with 'npm ls' or by searching your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock) for the affected version numbers. Also check build artifacts, container images, and package caches for the malicious files: router_init.js, tanstack_runner.js, or the @tanstack/setup package.json.
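The lockfile and filesystem checks in step 2, as an added example that is not part of the advisory or of Mistral's own tooling: a POSIX shell script (hypothetical name check_mistral_ghsa.sh) that reports every affected package pin found in package-lock.json, yarn.lock or pnpm-lock.yaml under a directory, and lists any file named router_init.js or tanstack_runner.js or a package.json sitting in an @tanstack/setup directory. The version numbers and filenames are the ones listed above; the lockfile matching is a substring heuristic for npm lockfile v2/v3, yarn and pnpm layouts rather than a real parser, and the @tanstack/setup path pattern is an assumption about where that fake package's package.json would sit.

```shell
#!/bin/sh
# Added example, not from the advisory: scan a checkout, extracted container
# image or package cache for the affected versions and dropper filenames named
# in GHSA-jgg6-4rpr-wfh7. Needs only POSIX sh, awk and find.

# Affected package/version pairs, as listed in the advisory.
AFFECTED='@mistralai/mistralai 2.2.2
@mistralai/mistralai 2.2.3
@mistralai/mistralai 2.2.4
@mistralai/mistralai-azure 1.7.1
@mistralai/mistralai-azure 1.7.2
@mistralai/mistralai-azure 1.7.3
@mistralai/mistralai-gcp 1.7.1
@mistralai/mistralai-gcp 1.7.2
@mistralai/mistralai-gcp 1.7.3'

# Filenames the advisory names as artifacts of the dropper.
INDICATOR_FILES='router_init.js tanstack_runner.js'

# lock_has PKG VER FILE: exit 0 if FILE records PKG resolved to exactly VER.
# Handles package-lock.json v2/v3 ("node_modules/<pkg>" entry followed by its
# "version" line), yarn.lock (<pkg>@<range>: header followed by version) and
# pnpm-lock.yaml (<pkg>@<ver> package keys). A substring heuristic, not a
# parser: it does not understand lockfileVersion 1 and may miss odd layouts.
lock_has() {
  awk -v pkg="$1" -v ver="$2" '
    BEGIN { vre = ver; gsub(/\./, "[.]", vre) }   # regex-safe version, e.g. 2[.]2[.]2
    # Entry header for our package: npm "node_modules/<pkg>" key or yarn/pnpm "<pkg>@" key.
    index($0, "node_modules/" pkg "\"") || index($0, pkg "@") {
      inpkg = 1
      # pnpm keys carry the exact resolved version in the key itself.
      if ($0 ~ ("@" vre "([^0-9.]|$)")) hit = 1
      next
    }
    # Any other npm entry header or yarn top-level key ends the current entry.
    index($0, "node_modules/") || /^[^ \t]/ { inpkg = 0 }
    # The first "version" line after the header decides for npm and yarn.
    inpkg && /version/ {
      if ($0 ~ (vre "([^0-9.]|$)")) hit = 1
      inpkg = 0
    }
    END { if (hit) exit 0; exit 1 }
  ' "$3"
}

# scan_lockfile FILE: print "PKG@VER FILE" for each affected pin recorded in FILE.
scan_lockfile() {
  printf '%s\n' "$AFFECTED" | while read -r pkg ver; do
    if lock_has "$pkg" "$ver" "$1"; then
      printf '%s@%s %s\n' "$pkg" "$ver" "$1"
    fi
  done
}

# count_affected FILE: number of affected pins found in FILE.
count_affected() {
  scan_lockfile "$1" | wc -l | tr -d ' '
}

# find_indicators DIR: list dropper filenames under DIR, plus any package.json
# inside an @tanstack/setup directory (assumed layout of the fake package the
# advisory mentions; adjust the -path pattern if your tree differs).
find_indicators() {
  for name in $INDICATOR_FILES; do
    find "$1" -type f -name "$name"
  done
  find "$1" -type f -path '*/@tanstack/setup/package.json'
}

# main DIR: walk DIR for lockfiles and indicator files and print every finding.
main() {
  dir="${1:-.}"
  for lock in package-lock.json pnpm-lock.yaml yarn.lock; do
    find "$dir" -type f -name "$lock" | while read -r f; do
      scan_lockfile "$f"
    done
  done
  find_indicators "$dir"
}

# Usage: sh check_mistral_ghsa.sh /path/to/checkout
# (with no argument the script only defines the functions)
if [ $# -gt 0 ]; then
  main "$@"
fi
```

Run it against a source checkout, an unpacked container image root or the npm cache directory; pair it with 'npm ls' on live installs, since a lockfile can lag behind what is actually on disk. A finding means the affected pin or file is present and the system should be cleaned as step 2 says; it does not by itself show that the dropper ran, which per the advisory it could not.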
Original source: https://github.com/advisories/GHSA-jgg6-4rpr-wfh7
First tracked: May 18, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 95%