Description

pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm can persist package-manager bootstrap metadata in the first YAML document of pnpm-lock.yaml. Before the patch, direct pnpm execution trusted an already resolved packageManagerDependencies entry when the committed env lockfile contained matching pnpm and @pnpm/exe versions. A malicious repository could therefore commit package-manager lockfile package records and snapshots that bypassed fresh package-manager resolution, then cause pnpm to install and execute bytes selected by that committed lockfile state during automatic version switching. This vulnerability is fixed in 10.34.2 and 11.5.3.

Severity (CVSS)

Base score8.8
SeverityHigh
VersionCVSS 3.1
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Provided byCNA

Weaknesses

  • CWE-345 — CWE-345: Insufficient Verification of Data Authenticity
  • CWE-494 — CWE-494: Download of Code Without Integrity Check
  • CWE-829 — CWE-829: Inclusion of Functionality from Untrusted Control Sphere

Affected products

VendorProductVersions
pnpmpnpm< 10.34.2; >= 11.0.0, < 11.5.3

References

Authoritative sources

This page is a snapshot. For the latest enrichment and updates, view the record on CVE.org or the NVD.

Generated from the official CVE List on 26 Jun 2026 07:05 UTC.