DEV Community

CVE Reports

Posted on • Originally published at cvereports.com

GHSA-JGG6-4RPR-WFH7: Mistral AI SDK Supply Chain Compromise via Mini Shai-Hulud Worm

Vulnerability ID: GHSA-JGG6-4RPR-WFH7
CVSS Score: 9.8
Published: 2026-05-18

A significant supply chain compromise affected the official Mistral AI software development kits (SDKs) in both the NPM and PyPI ecosystems. The incident involved an automated worm known as 'Mini Shai-Hulud' that leveraged stolen maintainer credentials to publish malicious packages containing secondary dropper payloads.

TL;DR

Mistral AI's official NPM and PyPI packages were compromised by the Mini Shai-Hulud worm via a developer's stolen session tokens. Malicious package versions containing secondary dropper scripts were published, requiring immediate dependency auditing and secret rotation.


⚠️ Exploit Status: WEAPONIZED

Technical Details

  • Attack Vector: Supply Chain Compromise
  • CWE ID: CWE-506
  • Impact: Credential Theft / Arbitrary Code Execution
  • Vulnerable Packages: @mistralai/* (NPM), mistralai (PyPI)
  • Threat Actor / Malware: Mini Shai-Hulud Worm
  • Primary Target: Developer Environments

Affected Systems

  • Developer Workstations
  • CI/CD Pipelines
  • Automated Build Systems
  • @mistralai/mistralai: Versions published ~May 12, 2025 (Fixed in: Latest post-May 12 versions)
  • @mistralai/mistralai-azure: Versions published ~May 12, 2025 (Fixed in: Latest post-May 12 versions)
  • @mistralai/mistralai-gcp: Versions published ~May 12, 2025 (Fixed in: Latest post-May 12 versions)
  • mistralai (PyPI): == 2.4.6 (Fixed in: Latest post-May 12 versions)

Mitigation Strategies

  • Dependency Auditing
  • Credential Rotation
  • Package Cache Purging
  • Behavioral Detection

Remediation Steps:

  1. Audit package.json and requirements.txt for affected package versions.
  2. Remove malicious package versions from the environment.
  3. Execute 'npm cache clean --force' and clear pip caches.
  4. Update to the latest clean versions of the Mistral SDKs.
  5. Rotate all credentials, API keys, and SSO tokens present on affected systems, prioritizing MISTRAL_API_KEY.
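
An added example for step 1 (not code from the advisory or from Mistral AI): a manifest audit that flags the one exact version the advisory names, PyPI mistralai 2.4.6, and lists every @mistralai/* NPM dependency for manual review, since no NPM version numbers are given. The function names and the sample manifests are constructed for illustration.

```python
import json
import re

# The only exact version the advisory names is PyPI mistralai 2.4.6.
BAD_PYPI = {"mistralai": {"2.4.6"}}
# No NPM version numbers are given, only the scope, so every @mistralai/*
# dependency is reported for manual review against its publish date.
NPM_SCOPE = "@mistralai/"
SECTIONS = ("dependencies", "devDependencies", "optionalDependencies", "peerDependencies")
REQ_LINE = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*==\s*([^\s;#,]+)")

def normalize(name):
    """PEP 503 normalization: lowercase, runs of '-', '_' and '.' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()

def audit_requirements(text):
    """Return (line_no, name, version) for exact pins matching an affected version."""
    hits = []
    for no, line in enumerate(text.splitlines(), 1):
        m = REQ_LINE.match(line)  # comment lines and non-'==' specifiers do not match
        if m and m.group(2) in BAD_PYPI.get(normalize(m.group(1)), ()):
            hits.append((no, normalize(m.group(1)), m.group(2)))
    return hits

def audit_package_json(text):
    """Return sorted (section, name, spec) for every @mistralai/* dependency."""
    manifest = json.loads(text)
    return sorted((section, name, spec)
                  for section in SECTIONS
                  for name, spec in (manifest.get(section) or {}).items()
                  if name.startswith(NPM_SCOPE))

# Constructed sample inputs (not taken from any real project).
SAMPLE_REQS = """\
requests==2.32.3
Mistralai[gcp] == 2.4.6 ; python_version >= "3.9"  # pinned
mistralai-helper==2.4.6
# mistralai==2.4.6
"""
SAMPLE_PKG = json.dumps({
    "dependencies": {"@mistralai/mistralai": "^1.0.0", "express": "4.19.2"},
    "devDependencies": {"@mistralai/mistralai-gcp": "1.0.0"},
})

if __name__ == "__main__":
    for hit in audit_requirements(SAMPLE_REQS):
        print("AFFECTED pypi pin:", hit)
    for dep in audit_package_json(SAMPLE_PKG):
        print("REVIEW npm dep (check resolved version and publish date):", dep)
```

Range specifiers such as >= are not flagged because they do not say which version was installed; check the resolved version in the lockfile or in pip freeze output on each affected machine.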

Read the full report for GHSA-JGG6-4RPR-WFH7 on our website for more details including interactive diagrams and full exploit analysis.
