PT-2026-4827
Name of the Vulnerable Software and Affected Versions pnpm versions prior to 10.28.2 Description pnpm, a package manager, is affected by an issue where installing a file: or git: dependency allows it to follow symlinks and read their target contents without restricting them to the package root. A...