Description
pnpm is a package manager. Prior to 10.34.0 and 11.4.0, `pnpm install` in non-frozen mode can accept new remote package content after detecting that the downloaded tarball does not match the integrity recorded in pnpm-lock.yaml. When a package is already locked with an integrity value, and the registry later serves different metadata and tarball content for the same package name and version, pnpm initially reports an integrity mismatch. However, plain pnpm install then performs a resolution repair, accepts the registry's new integrity, updates the lockfile, installs the new content, and exits successfully. This means the lockfile integrity check does not act as a hard stop by default. This vulnerability is fixed in 10.34.0 and 11.4.0.
Published: 2026-06-25
Score: 6.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

pnpm, a JavaScript package manager, has a defect in versions prior to 10.34.0 and 11.4.0 that permits a package to be silently replaced when the integrity hash recorded in pnpm-lock.yaml no longer matches the tarball obtained from the registry. When an integrity mismatch is detected in non‑frozen mode, pnpm automatically performs a resolution repair, updates the lockfile with a new integrity value, installs the new content, and exits successfully, thereby bypassing the intended hard stop. This flaw enables a malicious party to substitute a trusted package with compromised code, compromising the supply chain integrity of the application that relies on pnpm. The weakness involves improper integrity enforcement (CWE-345) and improper handling of external data (CWE-494).

Affected Systems

pnpm version 10.33.x and earlier as well as any 11.x release before 11.4.0 are vulnerable. Systems that use pnpm install in non‑frozen mode and rely on the lockfile integrity check are affected.

Risk and Exploitability

The vulnerability has a CVSS score of 6.8, indicating moderate severity. The EPSS score is less than 1%, and it is not listed in the CISA KEV catalog, suggesting no widespread exploitation has been reported. Based on the description, it is inferred that the attack vector requires an attacker who controls or compromises the package registry to deliver altered metadata and tarball content for a package name and version that is already locked. Because pnpm automatically updates the lockfile, the compromise would be stealthy unless detected through other monitoring mechanisms.

Generated by OpenCVE AI on July 17, 2026 at 02:38 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade pnpm to 10.34.0 or later, or to 11.4.0 or later.
  • Run pnpm install with the --frozen-lockfile flag (or set freezeLockfile to true) to prevent automatic resolution repairs.
  • Use authenticated, trusted registries and regularly monitor lockfile changes for unexpected modifications.

Generated by OpenCVE AI on July 17, 2026 at 02:38 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-54hh-g5mx-jqcp pnpm: Unsafe default behavior breaks integrity check
History

Tue, 07 Jul 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-494
References
Metrics threat_severity

None

threat_severity

Moderate


Thu, 25 Jun 2026 21:30:00 +0000

Type Values Removed Values Added
First Time appeared Pnpm
Pnpm pnpm
Vendors & Products Pnpm
Pnpm pnpm

Thu, 25 Jun 2026 18:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 25 Jun 2026 17:30:00 +0000

Type Values Removed Values Added
Description pnpm is a package manager. Prior to 10.34.0 and 11.4.0, `pnpm install` in non-frozen mode can accept new remote package content after detecting that the downloaded tarball does not match the integrity recorded in pnpm-lock.yaml. When a package is already locked with an integrity value, and the registry later serves different metadata and tarball content for the same package name and version, pnpm initially reports an integrity mismatch. However, plain pnpm install then performs a resolution repair, accepts the registry's new integrity, updates the lockfile, installs the new content, and exits successfully. This means the lockfile integrity check does not act as a hard stop by default. This vulnerability is fixed in 10.34.0 and 11.4.0.
Title pnpm: Unsafe default behavior breaks integrity check
Weaknesses CWE-345
References
Metrics cvssV3_1

{'score': 6.8, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-26T03:56:17.356Z

Reserved: 2026-06-04T21:34:34.427Z

Link: CVE-2026-50573

cve-icon Vulnrichment

Updated: 2026-06-25T17:54:48.775Z

cve-icon NVD

No data.

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-06-25T16:50:21Z

Links: CVE-2026-50573 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-07-17T02:45:08Z

Weaknesses
  • CWE-345

    Insufficient Verification of Data Authenticity

  • CWE-494

    Download of Code Without Integrity Check