Impact
pnpm, the JavaScript package manager, had a flaw in its bin linking logic that let a malicious npm package create or overwrite files outside the expected node_modules/.bin directory. When a bin name begins with a scope marker (@), pnpm skipped certain validations; after the scope prefix was stripped, any path traversal sequences such as ../../ in the remainder were preserved and joined into the shim path. As a result, an attacker who controls a package's bin entries could place executable shims or symbolic links anywhere on the filesystem, including over configuration files, scripts, or other sensitive locations. The underlying weakness is a relative path traversal (CWE-23). It lets the attacker write files, and thereby execute code, with the permissions of the pnpm process, which can lead to privilege escalation or service disruption.
Affected Systems
The vulnerability affects any system running a pnpm version prior to 10.28.1 that installs npm packages, including CI/CD pipelines that run pnpm. Developers, pnpm users, and automation that pulls dependencies are therefore at risk. The affected vendor/product is pnpm:pnpm, all versions before the fix released in 10.28.1.
Risk and Exploitability
The CVSS score is 6.5, which falls in the Medium severity band. The EPSS score is below 1%, indicating that widespread exploitation is currently unlikely, and the vulnerability is not listed in CISA's KEV catalogue. Nevertheless, the only precondition is that the target installs a package the attacker publishes or has compromised, which is a realistic supply-chain scenario. If exploitation succeeds, the attacker can create or overwrite files on the target system, potentially corrupting configuration, installing backdoors, or enabling further exploitation. The attack vector is inferred to be malicious or compromised npm packages, because bin linking happens during installation. Users who install untrusted packages, and CI/CD pipelines that install dependencies automatically, are therefore at higher risk; upgrading to pnpm 10.28.1 or later removes the flaw.
OpenCVE Enrichment
Source: GitHub GHSA