Lucene search
K

47 matches found

NVD
NVD
added 3 days ago7 views

CVE-2026-59195

pnpm is a package manager. Prior to 10.34.4 and 11.8.0, pnpm accepts package names from the env lockfile configDependencies section and uses those names directly when creating config dependency symlinks under nodemodules/.pnpm-config. A malicious repository can commit a crafted pnpm-lock.yaml who...

8.2CVSS0.00257EPSS
Exploits1References1
EUVD
EUVD
added 3 days ago4 views

EUVD-2026-41882

pnpm is a package manager. Prior to 10.34.4 and 11.7.0, a crafted lockfile alias could be joined directly under a hoisted nodemodules directory. Traversal aliases could escape that directory, while reserved aliases such as .bin or .pnpm could overwrite pnpm-owned layout. This vulnerability is fix...

7.1CVSS5.9AI score0.00262EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 3 days ago3 views

CVE-2026-59196

pnpm is a package manager. Prior to 10.34.4 and 11.7.0, a crafted lockfile alias could be joined directly under a hoisted nodemodules directory. Traversal aliases could escape that directory, while reserved aliases such as .bin or .pnpm could overwrite pnpm-owned layout. This vulnerability is fix...

7.1CVSS5.9AI score0.00262EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 3 days ago7 views

CVE-2026-50021

A flaw was found in pnpm, a package manager. An attacker who can modify the pnpm-lock.yaml file and control the package registry can exploit this vulnerability. By removing the integrity field from the lockfile and serving altered package content, the pnpm install --frozen-lockfile command can...

8.1CVSS6.3AI score0.00126EPSS
Exploits1References4
Snyk
Snyk
added 2026/06/27 12:2 a.m.4 views

External Control of File Name or Path

Overview pnpm is a Fast, disk space efficient package manager Affected versions of this package are vulnerable to External Control of File Name or Path via the lockfile alias handling process. An attacker can overwrite files or directories outside the intended nodemodules directory by crafting a...

7.1CVSS5.8AI score0.00262EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/26 11:46 p.m.12 views

EUVD-2026-39485

pnpm: Reserved bin name deletes PNPMHOME during global remove...

6.5CVSS5.8AI score0.00286EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/26 11:12 p.m.7 views

EUVD-2026-39498

pnpm: Repository config can expand victim environment secrets into registry requests before scripts run...

6.5CVSS5.8AI score0.00212EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/26 10:59 p.m.6 views

EUVD-2026-39495

pnpm binds unscoped user-level npm auth credentials to a repository-selected registry...

6.9CVSS5.8AI score0.00254EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/06/26 10:53 p.m.7 views

pnpm: Git Fetch Argument Injection via Lockfile resolution.commit

Summary pnpm passes the lockfile-controlled git resolution.commit value to git fetch without a -- separator or commit-format validation. For git dependencies fetched through the shallow-fetch path, a malicious lockfile can replace the expected 40-character commit hash with a Git option such as...

7.3CVSS6AI score0.0018EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2026/06/25 6:16 p.m.8 views

CVE-2026-55697

pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm can install configDependencies declared in pnpm-workspace.yaml before command dispatch. Before the patch, a repository could declare pacquet or @pnpm/pacquet as a config dependency and pnpm treated that repository-controlled dependency ...

8.8CVSS0.00127EPSS
Exploits1References1
NVD
NVD
added 2026/06/25 6:16 p.m.8 views

CVE-2026-48995

pnpm is a package manager. Prior to 10.33.4 and 11.0.7, a malicious codeload.github.com server can serve whatever tarball it wants and pnpm will install it regardless of the lockfile. The lockfile does not store the hash of the dependencies from https://codeload.github.com. This means that if thi...

7.5CVSS0.00116EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/25 5:0 p.m.5 views

CVE-2026-55180

pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm and pacquet expanded $ENVVAR placeholders from repository-controlled .npmrc and pnpm-workspace.yaml into registry request destinations and registry credentials. A malicious repository could cause dependency resolution to send victim...

6.5CVSS5.8AI score0.00212EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/06/25 4:43 p.m.33 views

CVE-2026-55698

pnpm advisory (CVE-2026-55698) affects pnpm by allowing a crafted env lockfile in pnpm-lock.yaml to bypass fresh package-manager resolution and cause installation of bytes selected by the lockfile state. The issue occurs prior to 10.34.2 and 11.5.3, which have fixed the vulnerability. The vulnera...

8.8CVSS6AI score0.00193EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.9 views

PT-2026-52523

Name of the Vulnerable Software and Affected Versions pnpm versions prior to 10.34.2 pnpm versions 11.0.0 through 11.5.2 Description pnpm can persist package-manager bootstrap metadata in the first YAML document of the pnpm-lock.yaml file. The issue occurs when pnpm incorrectly trusts an already...

8.8CVSS6.5AI score0.00193EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.11 views

PT-2026-52513

Name of the Vulnerable Software and Affected Versions pnpm versions prior to 10.34.0 pnpm versions prior to 11.4.0 Description pnpm passes the git resolution.commit value from the lockfile to the git fetch command without using a -- separator or performing commit-format validation. When git...

6.4CVSS5.9AI score0.0018EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.8 views

PT-2026-52514

Name of the Vulnerable Software and Affected Versions pnpm versions prior to 10.34.0 pnpm versions prior to 11.4.0 Description The patch application pipeline @pnpm/patch-package fails to validate file paths extracted from .patch files. An attacker can provide a malicious patch file containing...

7.3CVSS5.9AI score0.0027EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/01/27 4:59 a.m.7 views

CVE-2026-23890

A flaw was found in pnpm, a package manager. A remote attacker can exploit a path traversal vulnerability by crafting malicious npm packages. This vulnerability allows the attacker to bypass validation by using bin names starting with an "@" symbol, enabling them to create executable shims or...

6.5CVSS6.3AI score0.00438EPSS
Exploits1References6
NVD
NVD
added 2026/01/26 10:15 p.m.9 views

CVE-2026-24056

pnpm is a package manager. Prior to version 10.28.2, when pnpm installs a file: directory or git: dependency, it follows symlinks and reads their target contents without constraining them to the package root. A malicious package containing a symlink to an absolute path e.g., /etc/passwd,...

6.7CVSS0.00469EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/01/26 10:3 p.m.7 views

CVE-2026-24131

pnpm is a package manager. Prior to version 10.28.2, when pnpm processes a package's directories.bin field, it uses path.join without validating the result stays within the package root. A malicious npm package can specify "directories": "bin": "../../../../tmp" to escape the package directory,...

6.7CVSS6AI score0.00244EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2026/01/26 10:3 p.m.9 views

EUVD-2026-4653

pnpm is a package manager. Prior to version 10.28.2, when pnpm processes a package's directories.bin field, it uses path.join without validating the result stays within the package root. A malicious npm package can specify "directories": "bin": "../../../../tmp" to escape the package directory,...

6.7CVSS6AI score0.00244EPSS
Exploits1References3
Rows per page
Query Builder