Description
pnpm is a package manager. Prior to version 10.28.2, when pnpm installs a `file:` (directory) or `git:` dependency, it follows symlinks and reads their target contents without constraining them to the package root. A malicious package containing a symlink to an absolute path (e.g., `/etc/passwd`, `~/.ssh/id_rsa`) causes pnpm to copy that file's contents into `node_modules`, leaking local data. The vulnerability only affects `file:` and `git:` dependencies. Registry packages (npm) have symlinks stripped during publish and are NOT affected. The issue impacts developers installing local/file dependencies andCI/CD pipelines installing git dependencies. It can lead to credential theft via symlinks to `~/.aws/credentials`, `~/.npmrc`, `~/.ssh/id_rsa`. Version 10.28.2 contains a patch.
Published: 2026-01-26
Score: 6.7 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Local data exposure via symlink traversal
Action: Patch Now
AI Analysis

Impact

pnpm, prior to version 10.28.2, copies the contents of files pointed to by symlinks in file: and git: dependencies without restricting them to the package root. A malicious package that includes a symlink to an absolute path such as /etc/passwd or ~/.ssh/id_rsa causes pnpm to copy that local data into node_modules, leaking sensitive information. The weakness is a path traversal/remote file inclusion based on CWE-22 and CWE-59. While the vulnerability only affects dependency installation, it can compromise confidentiality and potentially expose credential files, configuration files, and other sensitive material on the building host.

Affected Systems

pnpm: pnpm packages running any version before 10.28.2 are affected. The issue is triggered when installing local file: or git: dependencies. Packages sourced from public registries are not impacted because the publish process strips symlinks.

Risk and Exploitability

The CVSS score of 6.7 indicates moderate severity. Exploitation requires an attacker to supply a malicious package containing a crafted symlink, a scenario that is possible in developer workspaces or CI/CD pipelines that install dependencies from untrusted sources. The EPSS score of <1% shows a low probability of real‑world exploitation, and the vulnerability is not listed in the KEV catalog. Because the attack vector involves local code execution during installation, the overall risk is contained to environments that use the vulnerable pnpm version and trust local package sources. Nonetheless, a breach can lead to credential theft and unwarranted access if sensitive files are exposed.

Generated by OpenCVE AI on April 18, 2026 at 02:36 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade pnpm to version 10.28.2 or later to apply the published patch.
  • Audit all file: and git: dependencies in the project and remove any that originate from untrusted or unknown sources.
  • Configure CI/CD pipelines to run pnpm installs under a non‑privileged user and restrict or disable the resolution of file: and git: dependencies for untrusted packages.

Generated by OpenCVE AI on April 18, 2026 at 02:36 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-m733-5w8f-5ggw pnpm has symlink traversal in file:/git dependencies
History

Thu, 29 Jan 2026 00:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 threat_severity

Moderate

Wed, 28 Jan 2026 17:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:pnpm:pnpm:*:*:*:*:*:node.js:*:*
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N'}

Tue, 27 Jan 2026 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 27 Jan 2026 09:15:00 +0000

Type Values Removed Values Added
First Time appeared Pnpm
Pnpm pnpm
Vendors & Products Pnpm
Pnpm pnpm

Mon, 26 Jan 2026 22:15:00 +0000

Type Values Removed Values Added
Description pnpm is a package manager. Prior to version 10.28.2, when pnpm installs a `file:` (directory) or `git:` dependency, it follows symlinks and reads their target contents without constraining them to the package root. A malicious package containing a symlink to an absolute path (e.g., `/etc/passwd`, `~/.ssh/id_rsa`) causes pnpm to copy that file's contents into `node_modules`, leaking local data. The vulnerability only affects `file:` and `git:` dependencies. Registry packages (npm) have symlinks stripped during publish and are NOT affected. The issue impacts developers installing local/file dependencies andCI/CD pipelines installing git dependencies. It can lead to credential theft via symlinks to `~/.aws/credentials`, `~/.npmrc`, `~/.ssh/id_rsa`. Version 10.28.2 contains a patch.
Title pnpm has symlink traversal in file:/git dependencies
Weaknesses CWE-22
CWE-59
References
Metrics cvssV4_0

{'score': 6.7, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

Pnpm Pnpm
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-01-27T21:39:25.061Z

Reserved: 2026-01-20T22:30:11.779Z

Link: CVE-2026-24056

cve-icon Vulnrichment

Updated: 2026-01-27T21:39:21.437Z

cve-icon NVD

Status : Analyzed

Published: 2026-01-26T22:15:56.667

Modified: 2026-01-28T17:27:13.117

Link: CVE-2026-24056

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-01-26T21:59:32Z

Links: CVE-2026-24056 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T02:45:27Z

Weaknesses