
pnpm EUVD-2026-39488

CVE-2026-50021 HIGH
Improper Validation of Integrity Check Value (CWE-354)
2026-06-25 GitHub_M GHSA-q6j5-fjx5-2mc3
8.1 (CVSS 3.1 · NVD)

Severity by source

Vendor (GitHub_M), primary: MEDIUM (qualitative)
NVD: 8.1 HIGH (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)
vuln.today AI: 6.8 MEDIUM

AC:H because exploitation needs both lockfile modification and control of registry-served content; PR:L for the repository/lockfile write access required; I:H/C:H from arbitrary tampered-package execution, A:N as availability is not the direct impact.

CVSS 3.1: AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
CVSS 4.0: AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (GitHub_M).

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: None

Lifecycle Timeline (8 events)

Jun 29, 2026 - 21:31 (vuln.today): Source Code Evidence Fetched
Jun 29, 2026 - 21:31 (vuln.today): Analysis Updated, v3 (cvss_changed)
Jun 29, 2026 - 21:31 (vuln.today): Analysis Updated, v2 (cvss_changed)
Jun 29, 2026 - 21:22 (vuln.today): Re-analysis Queued (cvss_changed)
Jun 29, 2026 - 21:22 (NVD): Severity Changed, MEDIUM -> HIGH
Jun 29, 2026 - 21:22 (NVD): CVSS changed, 6.8 (MEDIUM) -> 8.1 (HIGH)
Jun 25, 2026 - 19:17 (EUVD): Patch available
Jun 25, 2026 - 18:21 (vuln.today): Analysis Generated

Description (NVD)

pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm's tarball extraction worker skips integrity verification when the integrity field is absent from the lockfile resolution. If an attacker can both modify pnpm-lock.yaml to remove the integrity: field and cause the referenced registry URL to serve altered package content, pnpm install --frozen-lockfile can install the altered package without an integrity error. npm's npm ci enforces integrity by default; pnpm's behavior of silently skipping verification is a pnpm-specific fail-open gap. This vulnerability is fixed in 10.34.0 and 11.4.0.

Analysis (AI)

Integrity-check bypass in the pnpm package manager (versions before 10.34.0/10.34.1 and 11.0.0-11.3.x) lets tampered packages install silently because the tarball extraction worker skips hash verification whenever the lockfile resolution has no integrity field. An attacker who can both edit pnpm-lock.yaml to drop the integrity: line and cause the referenced registry URL to serve altered content can push a malicious package through pnpm install --frozen-lockfile without any integrity error - a fail-open gap that npm's npm ci does not share. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access: Gain write access to pnpm-lock.yaml
Delivery: Strip integrity field from remote resolution
Exploit: Serve altered tarball at registry URL
Execution: Run pnpm install --frozen-lockfile
Persist: Hash check skipped, tampered package stored
Impact: Malicious code executes in build/deploy

Vulnerability Assessment (AI)

Exploitation: Exploitation requires two concrete, simultaneous prerequisites: (1) the attacker must be able to modify `pnpm-lock.yaml` to delete the `integrity:` field from a remote tarball resolution (e.g., via repository write access, a merged pull request, or a compromised developer), and (2) the attacker must control the content served at that package's registry URL so the altered tarball is delivered (registry compromise, malicious proxy/mirror, or MITM). …
Risk Assessment: Signals point to a genuine but conditional supply-chain risk rather than a mass-exploitation emergency. …
Exploit Scenario: An attacker submits or sneaks a change into a project's pnpm-lock.yaml that removes the `integrity:` line for a chosen dependency, then arranges for that dependency's registry URL to return a backdoored tarball (e.g., via registry compromise, a malicious proxy, or man-in-the-middle on an unverified path). When CI runs `pnpm install --frozen-lockfile`, pnpm skips hash verification, installs the tampered package, and the malicious postinstall/runtime code executes in the build or deployment environment. …
Remediation: Vendor-released patch: upgrade to pnpm 10.34.1 (10.x line; the advisory also lists 10.34.0 as the fix) or 11.4.0 (11.x line), per GHSA-q6j5-fjx5-2mc3 (https://github.com/pnpm/pnpm/security/advisories/GHSA-q6j5-fjx5-2mc3). …

Recommended Action (AI)

24 hours: Identify all pnpm installations and current versions across development and CI/CD environments. …
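Added example (not pnpm's own code and not part of this advisory): a small Node.js script that scans a pnpm-lock.yaml for registry or tarball resolutions that carry no integrity: hash, the lockfile state the description above depends on, so a CI step can fail before a pre-10.34.0/11.4.0 pnpm would install unverified content. It assumes pnpm's flow-style resolution lines and uses a constructed sample lockfile embedded inline; the file name audit-lockfile.js is hypothetical.

```javascript
// Added example (not pnpm's code): flag pnpm-lock.yaml entries whose registry
// or tarball resolution has no `integrity:` hash, the state pnpm before 10.34.0 /
// 11.4.0 installed unverified. Assumes flow-style `resolution: {...}` lines (v6/v9).

// Returns the keys under `packages:` whose resolution lacks an integrity hash.
// Directory and git resolutions never carry one, so they are not reported.
function findUnverifiedResolutions(lockfileText) {
  const unverified = [];
  let inPackages = false;
  let currentKey = null;
  for (const rawLine of lockfileText.split(/\r?\n/)) {
    const line = rawLine.trimEnd();
    if (/^\S/.test(line)) {                 // unindented key: new top-level section
      inPackages = line === 'packages:';
      currentKey = null;
      continue;
    }
    if (!inPackages) continue;
    const keyMatch = /^  (\S.*):$/.exec(line);   // two-space indent: a package key
    if (keyMatch) {
      currentKey = keyMatch[1].replace(/^'(.*)'$/, '$1');   // unquote '@scope/x@1.0.0'
      continue;
    }
    const resMatch = /^    resolution: \{(.*)\}$/.exec(line);
    if (!resMatch || currentKey === null) continue;
    const fields = resMatch[1];             // e.g. "integrity: sha512-..., tarball: https://..."
    const remoteArtifact = !/\btype: (directory|git)\b/.test(fields);
    if (remoteArtifact && !/\bintegrity: /.test(fields)) unverified.push(currentKey);
  }
  return unverified;
}

// Constructed sample: a verified registry package, a git dependency (hashless by
// design) and a tarball entry whose integrity: field has been stripped.
const SAMPLE_LOCKFILE = `lockfileVersion: '9.0'
packages:
  lodash@4.17.21:
    resolution: {integrity: sha512-PLACEHOLDERHASH==}
  '@example/git-dep@https://example.invalid/repo#abc123':
    resolution: {type: git, repo: https://example.invalid/repo, commit: abc123}
  left-pad@https://example.invalid/left-pad-1.3.0.tgz:
    resolution: {tarball: https://example.invalid/left-pad-1.3.0.tgz}
`;

// Usage: node audit-lockfile.js [pnpm-lock.yaml]; with no path the sample is scanned.
const lockfilePath = process.argv[2];
const found = findUnverifiedResolutions(
  lockfilePath ? require('fs').readFileSync(lockfilePath, 'utf8') : SAMPLE_LOCKFILE);
console.log(found.length ? 'no integrity hash:\n  ' + found.join('\n  ') : 'all resolutions verified');
if (found.length && lockfilePath) process.exitCode = 1;   // fail the CI step on a real lockfile
```

Run it against the real lockfile in the same CI job that runs pnpm install --frozen-lockfile; any reported entry means the lockfile has lost the hash that a patched pnpm would have required.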

