CVE-2026-55697
Status: Undergoing Analysis - In Progress
Arbitrary Code Execution in pnpm Package Manager

Publication date: 2026-06-25

Last updated on: 2026-06-25

Assigner: GitHub, Inc.

Description
pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm can install configDependencies declared in pnpm-workspace.yaml before command dispatch. Before the patch, a repository could declare pacquet or @pnpm/pacquet as a config dependency and pnpm treated that repository-controlled dependency as an install-engine opt-in. During install, pnpm resolved a platform-specific @pacquet/<platform>-<arch>/pacquet binary from node_modules/.pnpm-config/<packageName> and spawned it as the developer or CI user. This vulnerability is fixed in 10.34.2 and 11.5.3.
Meta Information
Published
2026-06-25
Last Modified
2026-06-25
Generated
2026-06-26
EPSS Evaluated
N/A
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
pnpm pnpm up to 10.34.2 (excluding)
pnpm pnpm up to 11.5.3 (excluding)
Exploitability
CWE
KEV
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
CWE-494 The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.
CWE-829 The product imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.
Compliance Impact

If exploited, this vulnerability allows arbitrary code execution with access to the user's filesystem, environment, and credentials. Such unauthorized access and potential data compromise could negatively impact compliance with standards and regulations like GDPR and HIPAA, which require protection of sensitive data and user privacy.

Because the vulnerability enables execution of malicious native binaries with user privileges, it could lead to breaches of confidentiality, integrity, and availability of data, which are core concerns in these regulations.

Mitigating this vulnerability by applying the patch and enforcing trust boundaries is essential to maintain compliance with these standards.

Executive Summary

This vulnerability affects pnpm, a package manager. Before versions 10.34.2 and 11.5.3, pnpm could install configDependencies declared in pnpm-workspace.yaml before executing commands. A repository could declare pacquet or @pnpm/pacquet as a config dependency, which pnpm would treat as an install-engine opt-in. During installation, pnpm would resolve and execute a platform-specific pacquet binary from the repository's node_modules directory, running it with the privileges of the developer or CI user. This behavior could lead to unintended code execution.

Impact Analysis

The vulnerability can lead to high-impact consequences, including unauthorized code execution with the privileges of the developer or continuous integration user. This can compromise the confidentiality, integrity, and availability of the system where pnpm is used, potentially allowing attackers to execute malicious code, alter data, or disrupt operations.

Mitigation Strategies

To mitigate this vulnerability, update pnpm to version 10.34.2 or later, or 11.5.3 or later, where the issue is fixed.

Detection Guidance

This vulnerability can be detected by checking whether your pnpm installation is a vulnerable version (prior to 10.34.2, or 11.0.0 or later but prior to 11.5.3), and by inspecting your pnpm-workspace.yaml files for config dependencies named pacquet or @pnpm/pacquet.

You can also verify if the vulnerable behavior is possible by checking whether the configDependencyInstallEngineAllowlist setting is configured outside the repository (in global/user config or environment variables). If this allowlist is not set, the system is vulnerable.

Suggested commands to detect potential exploitation or presence of the vulnerability include:

  • Check pnpm version: `pnpm --version`
  • Search for pacquet dependencies in pnpm-workspace.yaml: `grep -E 'pacquet|@pnpm/pacquet' pnpm-workspace.yaml`
  • Check if configDependencyInstallEngineAllowlist is set: `pnpm config get configDependencyInstallEngineAllowlist`, or check environment variables related to pnpm config
  • Monitor for unexpected spawning of native binaries from node_modules/.pnpm-config/ directories during pnpm commands like `pnpm install`
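The checks listed above, combined into one POSIX shell script. This is an added example written for this page; it is not code from the advisory, from pnpm, or from the pacquet project. It assumes (beyond what the page states) that configDependencies is a top-level mapping in pnpm-workspace.yaml whose keys are package names, that pnpm 12 and later carry the fix, and that running `pnpm config get` from an empty directory reads only global/user config and environment, not the repository's own settings. The sample workspace file it writes is constructed for the demonstration.

```shell
#!/bin/sh
# Added example for CVE-2026-55697: version-range check, pnpm-workspace.yaml scan,
# and a live audit of the local toolchain. Assumptions are marked below.
set -u

# Return 0 (true) when the pnpm version is in an affected range as stated in the
# advisory: < 10.34.2, or 11.0.0 <= v < 11.5.3. Prerelease suffixes are ignored.
pnpm_version_vulnerable() {
  ver=${1#v}
  ver=${ver%%-*}
  IFS=. read -r major minor patch <<EOF
$ver
EOF
  minor=${minor:-0}; patch=${patch:-0}
  [ "$major" -lt 10 ] && return 0
  if [ "$major" -eq 10 ]; then
    [ "$minor" -lt 34 ] && return 0
    [ "$minor" -eq 34 ] && [ "$patch" -lt 2 ] && return 0
    return 1
  fi
  if [ "$major" -eq 11 ]; then
    [ "$minor" -lt 5 ] && return 0
    [ "$minor" -eq 5 ] && [ "$patch" -lt 3 ] && return 0
    return 1
  fi
  return 1   # assumption: major versions 12 and later include the fix
}

# Print every entry under the top-level configDependencies key of the given
# pnpm-workspace.yaml whose package name is pacquet or @pnpm/pacquet.
# Exit status 0 if at least one was found, 1 otherwise. Only scans the block
# (a plain grep for "pacquet" would also match comments or unrelated keys).
find_pacquet_config_deps() {
  awk '
    # A non-indented, non-comment line starts a new top-level key.
    /^[^ \t#]/ { in_block = ($0 ~ /^configDependencies[ \t]*:/); next }
    in_block && /^[ \t]+[^ \t#]/ {
      key = $0
      sub(/:.*/, "", key)                      # text before the first colon
      gsub("[^A-Za-z0-9@/._-]", "", key)       # drop indentation and quotes
      if (key == "pacquet" || key == "@pnpm/pacquet") { print; found = 1 }
    }
    END { exit found ? 0 : 1 }
  ' "$1"
}

# Write a constructed pnpm-workspace.yaml (sample data, not from the advisory)
# to the path given as $1 and print that path.
write_sample_workspace() {
  cat > "$1" <<'EOF'
packages:
  - "packages/*"
configDependencies:
  my-shared-config: "2.1.0+sha512-placeholder"
  "@pnpm/pacquet": "0.1.0+sha512-placeholder"
EOF
  printf '%s\n' "$1"
}

# Live audit of the local machine: pnpm version, the allowlist as seen outside
# the repository, and the workspace file. Exit status 0 means no finding.
audit_local_pnpm() {
  workspace=${1:-pnpm-workspace.yaml}
  findings=0
  if command -v pnpm >/dev/null 2>&1; then
    v=$(pnpm --version)
    if pnpm_version_vulnerable "$v"; then
      echo "FINDING: pnpm $v is in an affected range"; findings=1
    fi
    # Assumption: querying from an empty directory excludes repository-level
    # settings, which the page says must not be the source of the allowlist.
    allow=$(cd "${TMPDIR:-/tmp}" && pnpm config get configDependencyInstallEngineAllowlist 2>/dev/null)
    if [ -z "$allow" ]; then
      echo "NOTE: configDependencyInstallEngineAllowlist is not set in global/user config"
    fi
  fi
  if [ -f "$workspace" ] && find_pacquet_config_deps "$workspace"; then
    echo "FINDING: pacquet config dependency declared in $workspace"; findings=1
  fi
  return $findings
}

# Offline demonstration on the constructed sample (prints the matching YAML line).
sample=$(write_sample_workspace "${TMPDIR:-/tmp}/pnpm-workspace.sample.yaml")
find_pacquet_config_deps "$sample" || echo "no pacquet config dependency in $sample"
```

Run `audit_local_pnpm path/to/pnpm-workspace.yaml` from a shell that has sourced the script to check a real checkout; the version and YAML helpers work without pnpm installed, which is why they are separated from the live audit.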