PT-2026-52523
Name of the Vulnerable Software and Affected Versions pnpm versions prior to 10.34.2 pnpm versions 11.0.0 through 11.5.2 Description pnpm can persist package-manager bootstrap metadata in the first YAML document of the pnpm-lock.yaml file. The issue occurs when pnpm incorrectly trusts an already...