3 matches found
pnpm 11.3.x < 11.5.3 Stage Download Path Traversal (CVE-2026-55700)
The version of pnpm installed on the remote host is 11.3.x prior to 11.5.3. It is, therefore, affected by a path traversal vulnerability: - From 11.3.0 until 11.5.3, pnpm stage download derived a local filename from registry-controlled package name and version fields. A crafted manifest could...
PT-2026-52525
Name of the Vulnerable Software and Affected Versions pnpm versions 11.3.0 through 11.5.2 Description The pnpm stage download command derives a local filename using package name and version fields controlled by the registry. A crafted manifest can lead to a path traversal, allowing an attacker to...
Froxlor Input Validation Error Vulnerability
Froxlor is a suite of lightweight server management software from the Froxlor team. An input validation error vulnerability exists in versions of Froxlor prior to 2.1.2, which originated from a vulnerability that allows an attacker to bypass system restrictions by leaving basic fields of the...