Description
pnpm is a package manager. Prior to version 10.28.1, a path traversal vulnerability in pnpm's binary fetcher allows malicious packages to write files outside the intended extraction directory. The vulnerability has two attack vectors: (1) Malicious ZIP entries containing `../` or absolute paths that escape the extraction root via AdmZip's `extractAllTo`, and (2) The `BinaryResolution.prefix` field is concatenated into the extraction path without validation, allowing a crafted prefix like `../../evil` to redirect extracted files outside `targetDir`. The issue impacts all pnpm users who install packages with binary assets, users who configure custom Node.js binary locations and CI/CD pipelines that auto-install binary dependencies. It can lead to overwriting config files, scripts, or other sensitive files leading to RCE. Version 10.28.1 contains a patch.
Published: 2026-01-26
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary File Write Leading to Possible Remote Code Execution
Action: Patch Immediately
AI Analysis

Impact

A path traversal flaw in pnpm's binary fetcher enables attackers to cause the extractor to write files outside the intended extraction directory. By including ZIP entries that contain `../` sequences or absolute paths, or by supplying a malicious `BinaryResolution.prefix` that is concatenated into the extraction path without validation, a package can overwrite arbitrary files. The flaw is classified under CWE-22, CWE-23 and CWE-426 and can lead to the replacement of configuration files, scripts, and other important assets, effectively enabling remote code execution in the Node.js environment that performs the install.

Affected Systems

All users of pnpm versions earlier than 10.28.1 who install packages that include binary assets are affected. This includes local developers, teams that accept external packages, and continuous‑integration or deployment workflows that automatically resolve and install binary dependencies. Custom Node.js binary configurations or named prefixes that developers configure are also susceptible if used with the affected pnpm release.

Risk and Exploitability

The CVSS score is 6.5, indicating medium severity. EPSS is reported as less than 1%, suggesting a low estimated exploitation probability, and the vulnerability is not listed in CISA’s KEV catalog. However, because the flaw allows an attacker who can supply a malicious package to write to arbitrary locations, it could lead to the execution of injected code once the malicious binary is executed. The likely attack vector is supply‑chain tampering during package installation, commonly via compromised or forged dependencies, which is a realistic threat for projects that fetch from public registries or use CI/CD pipelines that automatically install dependencies.

Generated by OpenCVE AI on April 18, 2026 at 02:37 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade pnpm to version 10.28.1 or later to receive the fix for the zip‑extraction path traversal flaw
  • If an upgrade is not immediately possible, restrict or validate the set of packages that include binary assets, for example by whitelisting trusted sources or by using npm‑install‑ci to enforce checks on extraction paths
  • Apply a policy to ensure that any binary dependencies are sourced from repositories with verified signatures or lockfiles, and monitor the installation process for anomalous extraction paths



Advisories
Source: GitHub GHSA
ID: GHSA-6pfh-p556-v868
Title: pnpm: Binary ZIP extraction allows arbitrary file write via path traversal (Zip Slip)
History

Wed, 28 Jan 2026 18:00:00 +0000

Type: CPEs
Values Added: cpe:2.3:a:pnpm:pnpm:*:*:*:*:*:node.js:*:*

Tue, 27 Jan 2026 22:15:00 +0000

Type: Metrics (ssvc)
Values Added: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 27 Jan 2026 12:15:00 +0000

Type: References
Type: Metrics (threat_severity)
Values Removed: None
Values Added: Moderate


Tue, 27 Jan 2026 09:15:00 +0000

Type: First Time appeared
Values Added: Pnpm; Pnpm pnpm
Type: Vendors & Products
Values Added: Pnpm; Pnpm pnpm

Mon, 26 Jan 2026 22:15:00 +0000

Type: Description
Values Removed: pnpm is a package manager. Prior to version 10.28.1, a path traversal vulnerability in pnpm's binary fetcher allows malicious packages to write files outside the intended extraction directory. The vulnerability has two attack vectors: (1) Malicious ZIP entries containing `../` or absolute paths that escape the extraction root via AdmZip's `extractAllTo`, and (2) The `BinaryResolution.prefix` field is concatenated into the extraction path without validation, allowing a crafted prefix like `../../evil` to redirect extracted files outside `targetDir`. The issue impacts all pnpm users who install packages with binary assets, users who configure custom Node.js binary locations, CI/CD pipelines that auto-install binary dependencies, and those who can overwrite config files, scripts, or other sensitive files leading to RCE. Version 10.28.1 contains a patch.
Values Added: pnpm is a package manager. Prior to version 10.28.1, a path traversal vulnerability in pnpm's binary fetcher allows malicious packages to write files outside the intended extraction directory. The vulnerability has two attack vectors: (1) Malicious ZIP entries containing `../` or absolute paths that escape the extraction root via AdmZip's `extractAllTo`, and (2) The `BinaryResolution.prefix` field is concatenated into the extraction path without validation, allowing a crafted prefix like `../../evil` to redirect extracted files outside `targetDir`. The issue impacts all pnpm users who install packages with binary assets, users who configure custom Node.js binary locations and CI/CD pipelines that auto-install binary dependencies. It can lead to overwriting config files, scripts, or other sensitive files leading to RCE. Version 10.28.1 contains a patch.

Mon, 26 Jan 2026 22:00:00 +0000

Type: Description
Values Added: pnpm is a package manager. Prior to version 10.28.1, a path traversal vulnerability in pnpm's binary fetcher allows malicious packages to write files outside the intended extraction directory. The vulnerability has two attack vectors: (1) Malicious ZIP entries containing `../` or absolute paths that escape the extraction root via AdmZip's `extractAllTo`, and (2) The `BinaryResolution.prefix` field is concatenated into the extraction path without validation, allowing a crafted prefix like `../../evil` to redirect extracted files outside `targetDir`. The issue impacts all pnpm users who install packages with binary assets, users who configure custom Node.js binary locations, CI/CD pipelines that auto-install binary dependencies, and those who can overwrite config files, scripts, or other sensitive files leading to RCE. Version 10.28.1 contains a patch.
Type: Title
Values Added: pnpm: Binary ZIP extraction allows arbitrary file write via path traversal (Zip Slip)
Type: Weaknesses
Values Added: CWE-22; CWE-23; CWE-426
Type: References
Type: Metrics (cvssV3_1)
Values Added: {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-01-27T21:41:06.094Z

Reserved: 2026-01-16T21:02:02.902Z

Link: CVE-2026-23888

Vulnrichment

Updated: 2026-01-27T21:41:02.369Z

NVD

Status : Analyzed

Published: 2026-01-26T22:15:56.047

Modified: 2026-01-28T17:47:32.307

Link: CVE-2026-23888

Red Hat

Severity : Moderate

Public Date: 2026-01-26T21:37:17Z

Links: CVE-2026-23888 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-18T02:45:27Z

Weaknesses