CVE-2026-55698
A flaw was found in pnpm, a package manager. This vulnerability allows a remote attacker to achieve arbitrary code execution by committing a specially crafted package-manager lockfile pnpm-lock.yaml to a repository. When pnpm is executed, it trusts an already resolved packageManagerDependencies...