pnpm · EUVD-2026-39490

CVE-2026-50014 · HIGH
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') (CWE-88)
2026-06-25 · GitHub_M · GHSA-p4xf-rf54-rj3x
7.3 (CVSS 3.1, NVD)
Severity by source

  • Vendor (GitHub_M), primary: MEDIUM (qualitative)
  • NVD: 7.3 HIGH, AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
  • vuln.today AI: 7.5 HIGH
    Rationale: Attacker controls a distributed lockfile (PR:N) but needs victim to run install (UI:R) and a non-default SSH/local transport (AC:H); injected command execution yields full C/I/A:H.
    CVSS 3.1: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
    CVSS 4.0: AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (GitHub_M).

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: Required
  • Scope: Unchanged
  • Confidentiality: High
  • Integrity: High
  • Availability: None

Lifecycle Timeline (8 events)

  • Jun 29, 2026 21:28 (vuln.today): Source Code Evidence Fetched
  • Jun 29, 2026 21:28 (vuln.today): Analysis Updated, v3 (cvss_changed)
  • Jun 29, 2026 21:28 (vuln.today): Analysis Updated, v2 (cvss_changed)
  • Jun 29, 2026 21:22 (vuln.today): Re-analysis Queued (cvss_changed)
  • Jun 29, 2026 21:22 (NVD): Severity Changed, MEDIUM → HIGH
  • Jun 29, 2026 21:22 (NVD): CVSS changed, 6.4 (MEDIUM) → 7.3 (HIGH)
  • Jun 25, 2026 19:17 (EUVD): Patch available
  • Jun 25, 2026 18:23 (vuln.today): Analysis Generated

Description (NVD)

pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm passes the lockfile-controlled git resolution.commit value to git fetch without a -- separator or commit-format validation. For git dependencies fetched through the shallow-fetch path, a malicious lockfile can replace the expected 40-character commit hash with a Git option such as --upload-pack=<command>. For SSH and local transports, --upload-pack can execute the supplied command. HTTPS transports ignore --upload-pack, so the practical attack surface is primarily SSH or local git dependencies. This vulnerability is fixed in 10.34.0 and 11.4.0.

Analysis (AI)

Arbitrary command execution in pnpm before 10.34.0 and 11.4.0 allows a malicious lockfile to run code on a developer's machine during pnpm install. Because pnpm passes the lockfile-controlled resolution.commit to git fetch/git checkout without a -- separator or 40-hex-character validation, an attacker can substitute the expected commit hash with a Git option such as --upload-pack=<command>, which Git executes for SSH and local (file://) transports. …

Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata:

  • Access: Gain influence over pnpm-lock.yaml
  • Delivery: Replace commit hash with --upload-pack=<command>
  • Exploit: Victim runs pnpm install
  • Execution: git fetch parses value as option
  • Persist: Git executes injected command
  • Impact: Code runs as install user

Vulnerability Assessment (AI)

Exploitation: Exploitation requires three concrete conditions: (1) the attacker must control the contents of `pnpm-lock.yaml`, specifically the `resolution.commit` field of a git dependency (e.g., via a malicious PR or a compromised repo); (2) that git dependency must be fetched over SSH or local (`file://`) git transport AND go through pnpm's shallow-fetch path (HTTPS transport ignores `--upload-pack` and is NOT exploitable); and (3) a victim must run `pnpm install` (UI:R) on pnpm older than 10.34.0 or on 11.0.0-11.3.x. … Additional conditions and limiting factors are described in the full assessment.

Risk Assessment: Signals are moderate and internally consistent rather than alarming. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.

Exploit Scenario: An attacker who can influence a project's `pnpm-lock.yaml` (for example via a malicious pull request, a compromised dependency, or a poisoned shared repository) edits a git dependency entry that resolves over SSH or local transport and replaces the 40-character commit hash with `--upload-pack=<malicious command>`. When a developer or CI runner subsequently runs `pnpm install`, pnpm's shallow-fetch path passes that value to `git fetch`, and Git executes the attacker's command as the user running install. …

Remediation: Upgrade pnpm to a fixed release (vendor-released patch): 10.34.0 for the 10.x line or 11.4.0 for the 11.x line, per the advisory https://github.com/pnpm/pnpm/security/advisories/GHSA-p4xf-rf54-rj3x. … Detailed patch versions, workarounds, and compensating controls in full report.
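The two checks the description and assessment above say were missing (a 40-hex `resolution.commit` and a `--` separator before the refspec), plus a lockfile audit that flags git resolutions failing that check, as an added example that is not pnpm's own code; the flow-mapping layout of git entries in pnpm-lock.yaml, the `example.invalid` host and the `PLACEHOLDER_COMMAND` value are assumptions made for the constructed sample.

```javascript
// Added example, not pnpm's own code: the two checks the advisory says were
// missing (40-hex validation of resolution.commit and a `--` separator), plus
// a scan of lockfile text for git resolutions that fail the check.
// Assumption: git dependencies appear in pnpm-lock.yaml as
// `resolution: {commit: ..., repo: ..., type: git}`; the sample is constructed.

const FULL_SHA = /^[0-9a-f]{40}$/;

// Hardened argv for the shallow fetch: only a full lowercase hex commit id is
// accepted, and `--` ends option parsing so git cannot read the commit as an
// option. This only builds argv; nothing is executed here.
function buildFetchArgs(repoDir, commit) {
  if (!FULL_SHA.test(commit)) {
    throw new Error(`refusing non-commit resolution.commit: ${JSON.stringify(commit)}`);
  }
  return ['-C', repoDir, 'fetch', '--depth', '1', '--', 'origin', commit];
}

// Detection: list every git resolution whose commit is not a 40-hex id, so a
// lockfile can be audited before `pnpm install` runs on an unpatched version.
function findSuspiciousGitResolutions(lockfileText) {
  const bad = [];
  const re = /resolution:\s*\{([^}]*)\}/g;
  let m;
  while ((m = re.exec(lockfileText)) !== null) {
    const body = m[1];
    if (!/\btype:\s*git\b/.test(body)) continue; // registry tarballs are not git
    const pick = (key) => {
      const hit = body.match(new RegExp(`\\b${key}:\\s*([^,}]+)`));
      return hit ? hit[1].trim().replace(/^['"]|['"]$/g, '') : '';
    };
    const commit = pick('commit');
    if (!FULL_SHA.test(commit)) bad.push({ repo: pick('repo'), commit });
  }
  return bad;
}

// Constructed sample: one sane git dependency, one tampered entry (the option
// name from the advisory with a placeholder, not a real command) and one
// registry tarball the scan must ignore; example.invalid is a placeholder host.
const SAMPLE_LOCKFILE = `lockfileVersion: '9.0'
packages:
  'good-dep@git+ssh://git@example.invalid/org/good-dep.git#0123456789abcdef0123456789abcdef01234567':
    resolution: {commit: 0123456789abcdef0123456789abcdef01234567, repo: git+ssh://git@example.invalid/org/good-dep.git, type: git}
  'bad-dep@git+ssh://git@example.invalid/org/bad-dep.git#tampered':
    resolution: {commit: --upload-pack=PLACEHOLDER_COMMAND, repo: git+ssh://git@example.invalid/org/bad-dep.git, type: git}
  'tarball-dep@1.0.0':
    resolution: {integrity: sha512-PLACEHOLDER}
`;
console.log(findSuspiciousGitResolutions(SAMPLE_LOCKFILE));
```

Running the scan over a real lockfile before installing on a pre-10.34.0/11.4.0 pnpm gives a quick compensating check; the argv builder shows the shape of the fix rather than pnpm's actual patch.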

Recommended Action (AI)

24 hours: Audit all development machines, CI/CD systems, and Docker build environments to identify pnpm versions <10.34.0 or <11.4.0; notify development teams of remediation requirement. …
