
pnpm CVE-2026-50016

EUVD: EUVD-2026-39494 · HIGH
Relative Path Traversal (CWE-23)
2026-06-25 · GitHub_M · GHSA-hwx4-2j3j-g496
CVSS 3.1 base score: 8.8 · Vendor: GitHub_M

Severity by source

Vendor (GitHub_M), primary: 8.8 HIGH
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

vuln.today AI: 8.3 HIGH

Network-delivered malicious package, low complexity, no attacker privileges, but victim must run install (UI:R); symlink replacement is primarily integrity/availability, with only secondary confidentiality (C:L).

CVSS 3.1: AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H
CVSS 4.0: AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (GitHub_M).

CVSS Vector (Vendor: GitHub_M)

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Patch available: Jun 25, 2026 - 19:17 (EUVD)
Analysis generated: Jun 25, 2026 - 18:19 (vuln.today)

Description (CVE.org)

pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm allows a transitive dependency alias from registry package metadata to contain path traversal segments. During install, pnpm later uses that alias as a filesystem path when linking dependency nodes. As a result, a registry package can cause pnpm install --ignore-scripts to replace paths in the current project with symlinks to attacker-controlled dependency package directories. This vulnerability is fixed in 10.34.0 and 11.4.0.

Analysis (AI)

Path traversal in pnpm before 10.34.0 and 11.4.0 lets a malicious registry package smuggle '../' segments inside a transitive dependency alias, which pnpm then trusts as a filesystem path while linking dependency nodes. During a normal install - even with pnpm install --ignore-scripts - this allows a published package to replace paths inside the victim's project with symlinks pointing at attacker-controlled dependency directories, corrupting project integrity and enabling downstream code execution. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access: Publish package with malicious alias metadata
Delivery: Land package in victim's dependency tree
Exploit: Victim runs pnpm install (even --ignore-scripts)
Execution: Traversal alias used as link path
Persist: Project paths replaced with attacker symlinks
Impact: Code execution on next build/run

Vulnerability Assessment (AI)

Exploitation: Exploitation requires that the victim run a pnpm install (UI:R) with a vulnerable pnpm version (<10.34.0 or <11.4.0) and that the dependency graph resolve a package whose registry metadata supplies a transitive dependency alias containing path-traversal (`../`) segments; in other words, the attacker must control or compromise a package that lands in the project's transitive dependencies. …

Risk Assessment: The provided CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H = 8.8) reflects a network-delivered, low-complexity attack requiring only that a victim install an affected dependency (UI:R). …

Exploit Scenario: An attacker publishes (or compromises) a package whose metadata declares a transitive dependency alias containing `../` path-traversal segments, then gets it into a victim's dependency tree directly or as a transitive dependency. When the victim runs `pnpm install`, even with `--ignore-scripts`, pnpm links that alias to a path outside node_modules, replacing project files or directories with symlinks to attacker-controlled dependency content, which can lead to code execution on the next build or run. …

Remediation: Vendor-released patch: upgrade pnpm to 10.34.0 (for the 10.x line) or 11.4.0 (for the 11.x line) or later, per advisory GHSA-hwx4-2j3j-g496 (https://github.com/pnpm/pnpm/security/advisories/GHSA-hwx4-2j3j-g496); pin the upgraded version in CI runners, Corepack/`packageManager` fields, and developer environments so older binaries cannot silently run. …

Recommended Action (AI)

Within 24 hours: Identify all projects using pnpm and document current versions; audit recent package installations for suspicious symlink entries in node_modules. …



CVE-2026-50016 vulnerability details – vuln.today
