
pnpm CVE-2026-50015

EUVD: EUVD-2026-39492 · HIGH
Path Traversal (CWE-22)
2026-06-25 · GitHub_M · GHSA-rxhj-4m44-96r4
CVSS 3.1 base score: 7.3 · Vendor: GitHub_M

Severity by source

Vendor (GitHub_M), primary: 7.3 HIGH
CVSS 3.1: AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H

vuln.today AI: 8.1 HIGH
Submitting a public PR needs no privileges on the victim (PR:N), but a maintainer must run install (UI:R); reliable traversal (AC:L) yields high integrity/availability impact and no confidentiality loss.
CVSS 3.1: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
CVSS 4.0: AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (GitHub_M).

CVSS Vector (Vendor: GitHub_M)

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Unchanged
Confidentiality: None
Integrity: High
Availability: High

Lifecycle Timeline

Patch available: Jun 25, 2026 - 19:17 (EUVD)
Analysis Generated: Jun 25, 2026 - 18:18 (vuln.today)

Description (CVE.org)

pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm's patch application pipeline (@pnpm/patch-package) performs no path validation on file paths extracted from .patch files. An attacker who contributes a malicious patch file via a pull request can write attacker-controlled content to or delete arbitrary files on the filesystem during pnpm install, as the user running the install. The diff --git header paths containing ../../ sequences traverse out of the package directory, and the traversal is difficult to catch in code review because patch file diff headers are opaque to most reviewers. This vulnerability is fixed in 10.34.0 and 11.4.0.

Analysis (AI)

Arbitrary file write and deletion in pnpm package manager (versions prior to 10.34.0 and 11.4.0) lets a malicious contributor abuse the @pnpm/patch-package pipeline, which applies .patch files without validating the file paths in their diff --git headers. Because patch diff headers are opaque to most code reviewers, an attacker can slip ../../ traversal sequences into a pull request and, when a maintainer runs pnpm install, write attacker-controlled content to or delete arbitrary files with the privileges of the installing user. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access: Submit PR adding malicious .patch file
Delivery: Hide ../../ traversal in diff header
Exploit: Maintainer checks out branch
Execution: Run pnpm install, which applies the patch
Impact: Write/delete arbitrary files as user

Vulnerability Assessment (AI)

Exploitation: Exploitation requires that the target project uses pnpm's patch feature (a `.patch` file referenced via `patchedDependencies` in `package.json`) and that a victim with filesystem write privileges runs `pnpm install` against the attacker's contributed patch, typically after accepting or checking out a malicious pull request. … Additional conditions and limiting factors are described in the full assessment.

Risk Assessment: Signals are partially conflicting and should be read together. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.

Exploit Scenario: An attacker opens a pull request to a target repository that adds or modifies a `.patch` file referenced by `patchedDependencies`, with a `diff --git` header path containing `../../` that points at a sensitive file such as a CI script, SSH config, or shell profile. A maintainer reviews the PR, sees a plausible dependency patch, checks out the branch and runs `pnpm install`; pnpm applies the patch and writes attacker-controlled content to (or deletes) the out-of-tree target as the maintainer/CI user. …

Remediation: Upgrade pnpm to a fixed release (vendor-released patch: 10.34.0 for the 10.x line or 11.4.0 for the 11.x line) as documented in advisory GHSA-rxhj-4m44-96r4 (https://github.com/pnpm/pnpm/security/advisories/GHSA-rxhj-4m44-96r4); pin the upgraded version in CI runners and developer environments, since the trigger is `pnpm install`. … Detailed patch versions, workarounds, and compensating controls in full report.
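As a compensating control while a fixed release is rolled out, a repository can lint every `.patch` file listed under `patchedDependencies` before install and fail the build if any diff header path escapes the package directory. The check below is an added example, not pnpm's code and not a reproduction of pnpm's patch parser; it assumes git-style unified diff headers and that patch paths are applied relative to a package directory. The sample patch is constructed for the test.

```javascript
// Header lines of a git-style patch that carry file paths. The "a/" and
// "b/" prefixes are optional so that headers without them are still checked.
const HEADER_RE =
  /^(diff --git (?:a\/)?(\S+) (?:b\/)?(\S+)|--- (?:a\/)?(\S+)|\+\+\+ (?:b\/)?(\S+)|rename (?:from|to) (\S+))/;

// Returns true only if the path stays inside the package directory.
// Absolute paths, Windows drive paths and any ".." that climbs above
// the root are rejected; "/dev/null" marks an added or deleted file.
function isContained(p) {
  if (p === "/dev/null") return true;
  const s = p.replace(/\\/g, "/");
  if (s.startsWith("/") || /^[A-Za-z]:\//.test(s)) return false;
  let depth = 0;
  for (const seg of s.split("/")) {
    if (seg === "" || seg === ".") continue;
    if (seg === "..") {
      if (--depth < 0) return false; // climbed above the package root
    } else {
      depth++;
    }
  }
  return true;
}

// Scans patch text and returns one finding per header line whose paths
// would escape the package directory ({ line, paths }). Content lines
// that merely start with "---" or "+++" may also be flagged; the lint
// errs on the side of reporting.
function findTraversal(patchText) {
  const findings = [];
  patchText.split(/\r?\n/).forEach((line, idx) => {
    const m = HEADER_RE.exec(line);
    if (!m) return;
    const bad = m.slice(2).filter(Boolean).filter((p) => !isContained(p));
    if (bad.length) findings.push({ line: idx + 1, paths: bad });
  });
  return findings;
}

function isSafePatch(patchText) {
  return findTraversal(patchText).length === 0;
}

// Constructed sample: a benign hunk followed by a header that escapes the
// package directory (a neutral placeholder target, not a real file).
const SAMPLE_PATCH = [
  "diff --git a/lib/index.js b/lib/index.js",
  "--- a/lib/index.js",
  "+++ b/lib/index.js",
  "@@ -1 +1 @@",
  "-module.exports = 1;",
  "+module.exports = 2;",
  "diff --git a/../../outside-package.txt b/../../outside-package.txt",
  "--- /dev/null",
  "+++ b/../../outside-package.txt",
  "@@ -0,0 +1 @@",
  "+# constructed content",
].join("\n");
```

Run it over each patch file in CI and fail the job when `isSafePatch` returns false; the findings give the header line to point reviewers at.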

Recommended Action (AI)

Within 24 hours: Inventory all internal projects and CI/CD pipelines using pnpm; document current versions for each. …



CVE-2026-50015 vulnerability details – vuln.today
