
pnpm · EUVD-2026-39497

CVE-2026-48995 · MEDIUM
Missing Support for Integrity Check (CWE-353)
2026-06-25 · GitHub_M · GHSA-hg3w-7f8c-63hp
4.8 (CVSS 4.0) · Vendor: GitHub_M

Severity by source

  • Vendor (GitHub_M), primary rating: 4.8 MEDIUM
    CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • vuln.today AI: 7.5 HIGH
    Network vector with high complexity because exploitation requires compromising or MITMing codeload.github.com; user interaction required as the developer must invoke pnpm install; scope unchanged as impact remains on the developer's system.
    CVSS 3.1: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
    CVSS 4.0: AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (GitHub_M).

CVSS vector breakdown (Vendor: GitHub_M, vector as listed above)

  • Attack Vector: Network (AV:N)
  • Attack Complexity: High (AC:H)
  • Privileges Required: None (PR:N)
  • User Interaction: Active (UI:A)
  • Scope: X (not a CVSS 4.0 base metric)

Lifecycle Timeline

  • Patch available: Jun 25, 2026 - 19:17 (EUVD)
  • Analysis generated: Jun 25, 2026 - 18:24 (vuln.today)

Description (CVE.org)

pnpm is a package manager. Prior to 10.33.4 and 11.0.7, a malicious codeload.github.com server can serve whatever tarball it wants and pnpm will install it regardless of the lockfile. The lockfile does not store the hash of the dependencies from https://codeload.github.com. This means that if this server was compromised or a person's machine configuration was compromised, pnpm would download and install these dependencies. This vulnerability is fixed in 10.33.4 and 11.0.7.

Analysis (AI)

Missing integrity verification in pnpm's GitHub codeload dependency resolution (versions prior to 10.33.4 and 11.0.7) enables a compromised or man-in-the-middle codeload.github.com server to deliver arbitrary malicious tarballs that pnpm installs without hash validation. Any developer project that sources dependencies from GitHub via pnpm is exposed when running pnpm install on affected versions, with potential for arbitrary code execution during the install lifecycle. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata:

  • Access: Compromise or MITM codeload.github.com
  • Delivery: Serve malicious tarball for targeted GitHub dependency
  • Exploit: Developer runs pnpm install on affected version
  • Execution: pnpm fetches tarball without lockfile hash check
  • Persist: Malicious postinstall scripts execute
  • Impact: Developer workstation fully compromised

Vulnerability Assessment (AI)

Exploitation: Exploitation requires all of the following to be true simultaneously: (1) the target project declares at least one dependency sourced from `https://codeload.github.com` (i.e., a GitHub repository specified in `package.json` using the `user/repo` or `github:user/repo` syntax); (2) the pnpm version is prior to 10.33.4 (v10) or 11.0.7 (v11); (3) the attacker has compromised the `codeload.github.com` server itself OR has achieved network interception capability between the developer and that domain (DNS poisoning, BGP hijack, rogue proxy, or compromised machine DNS/hosts configuration); and (4) the developer actively runs `pnpm install` or a command that triggers dependency resolution. …

Risk Assessment: The CVSS 4.0 score of 4.8 reflects two significant mitigating factors encoded in the vector: AC:H (exploitation requires a compromised `codeload.github.com` server or an attacker with network interception capability such as DNS poisoning or a rogue proxy) and UI:A (a developer must actively run `pnpm install`). …

Exploit Scenario: An attacker who has compromised `codeload.github.com` infrastructure, or who has established a man-in-the-middle position via DNS poisoning, BGP hijack, or a rogue proxy in a developer's network path, substitutes a malicious tarball for a legitimate GitHub dependency. When a developer on an affected pnpm version runs `pnpm install`, pnpm fetches and installs the poisoned package without comparing its content against any stored hash, executing attacker-controlled postinstall scripts with the developer's OS privileges. …

Remediation: Vendor-released patches are available: upgrade pnpm to 10.33.4 or later for v10 users, or to 11.0.7 or later for v11 users. …
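An added defender-side check, not part of this advisory or of pnpm itself: it flags pnpm versions below the fixed releases named above and scans a pnpm-lock.yaml for codeload.github.com tarball resolutions that carry no integrity field. The lockfile in SAMPLE_LOCK is constructed, and its layout (two-space package keys, flow-style `resolution: {...}` mappings) is an assumption about pnpm's lockfile format.

```python
# Added example, not from the advisory or the pnpm project: audit a developer
# environment for this issue by checking the pnpm version against the fixed
# releases and scanning pnpm-lock.yaml for codeload.github.com tarballs that
# carry no integrity hash. SAMPLE_LOCK is a constructed lockfile; its layout
# (two-space package keys, flow-style 'resolution: {...}') is an assumption.
import re

def parse_version(text):
    """'v10.33.3' -> (10, 33, 3); pre-release suffixes are ignored."""
    m = re.match(r"v?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"unrecognised pnpm version: {text!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    return (parts + (0, 0, 0))[:3]

def is_affected_pnpm(version):
    """True below 10.33.4 (v10 and older lines) or below 11.0.7 (v11 line)."""
    v = parse_version(version)
    return v < (11, 0, 7) if v[0] >= 11 else v < (10, 33, 4)

def github_tarballs_without_integrity(lock_text):
    """Return package keys whose 'resolution: {...}' mapping names a
    codeload.github.com tarball but has no integrity field."""
    findings, pkg = [], None
    for line in lock_text.splitlines():
        key = re.match(r"^  (\S.*):\s*$", line)  # two-space indent: package key
        if key:
            pkg = key.group(1)
            continue
        flow = re.match(r"^\s+resolution:\s*\{(.*)\}\s*$", line)
        if not flow or pkg is None:
            continue
        fields = dict(kv.split(": ", 1) for kv in flow.group(1).split(", "))
        tarball = fields.get("tarball", "")
        if tarball.startswith("https://codeload.github.com/") and "integrity" not in fields:
            findings.append(pkg)
    return findings

SAMPLE_LOCK = """\
lockfileVersion: '9.0'
packages:
  left-pad@1.3.0:
    resolution: {integrity: sha512-PLACEHOLDERHASH}
  example-lib@https://codeload.github.com/example-org/example-lib/tar.gz/abc123:
    resolution: {tarball: https://codeload.github.com/example-org/example-lib/tar.gz/abc123}
  other-lib@https://codeload.github.com/example-org/other-lib/tar.gz/def456:
    resolution: {integrity: sha512-PLACEHOLDERHASH, tarball: https://codeload.github.com/example-org/other-lib/tar.gz/def456}
"""

if __name__ == "__main__":
    print(is_affected_pnpm("10.33.3"), github_tarballs_without_integrity(SAMPLE_LOCK))
```

Any key reported by `github_tarballs_without_integrity` is a dependency whose tarball the lockfile cannot verify, which is exactly the condition the advisory describes.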


