Impact
pnpm versions before 10.34.2 on the 10.x series and before 11.5.3 on the 11.x series contain a flaw in the peer‑suffix normalization routine that removes parenthesized text from git, URL, tarball, file, and other opaque locators. This behavior allows a crafted source string to normalize to the same value as an already approved source, effectively spoofing a trusted dependency. The poisoned dependency can then be fetched and executed during a pnpm installation, giving an attacker the ability to run arbitrary code on a system that trusts pnpm.
Affected Systems
All installations of pnpm older than 10.34.2 or 11.5.3, including developers’ local environments and continuous‑integration pipelines that resolve dependencies with these versions, are affected. Any party that can influence a package.json or lockfile that pnpm processes runs the risk of inadvertently installing a malicious source.
Risk and Exploitability
The severity of this vulnerability is indicated by a CVSS score of 7.5, a moderate‑to‑high score that represents a significant threat. The EPSS value of <1% shows that exploitation is unlikely but not impossible, and the vulnerability is not currently listed in the CISA KEV catalog. Based on the description, it is inferred that an attacker who can alter a dependency specification—such as by modifying a package.json file, a lockfile, or by publishing a new package that pnpm will resolve—can supply a crafted source that bypasses approval checks. If the attacker controls the publishing of a package that vulnerable pnpm installations will resolve, remote delivery of malicious code is plausible.
OpenCVE Enrichment
Github GHSA