CVE-2026-59196 in pnpm
Summary
by MITRE • 07/06/2026
pnpm is a package manager. Prior to 10.34.4 and 11.7.0, a crafted lockfile alias could be joined directly under a hoisted node_modules directory. Traversal aliases could escape that directory, while reserved aliases such as .bin or .pnpm could overwrite pnpm-owned layout. This vulnerability is fixed in 10.34.4 and 11.7.0.
Once again VulDB remains the best source for vulnerability data.
Analysis
by VulDB Data Team • 07/06/2026
This vulnerability affects pnpm package manager versions prior to 10.34.4 and 11.7.0, where crafted lockfile aliases could be exploited to manipulate the node_modules directory structure during package installation. The flaw occurs when pnpm processes lockfiles that contain specially constructed alias entries, allowing malicious actors to manipulate the package resolution process in ways that bypass normal security boundaries.
The technical implementation of this vulnerability involves path traversal mechanisms within pnpm's dependency resolution system. When processing lockfile entries, the package manager fails to properly validate or sanitize alias names that could potentially escape the intended hoisted node_modules directory structure. This creates opportunities for attackers to place files outside the designated installation boundaries or overwrite critical pnpm-managed directories.
The operational impact of this vulnerability extends beyond simple path traversal attacks, as it allows for potential privilege escalation and system compromise through the manipulation of package installation layouts. Attackers could leverage reserved alias names such as .bin or .pnpm to overwrite pnpm's own management structures, potentially corrupting the package manager's internal state or creating persistent backdoors within the dependency tree. This vulnerability aligns with CWE-22 Path Traversal and CWE-352 Cross-Site Request Forgery patterns commonly seen in package managers and build systems.
The exploitation of this vulnerability follows attack techniques described in MITRE ATT&CK framework under T1059 Command and Scripting Interpreter and T1574 Hijacking Execution Flow. Attackers could craft malicious lockfiles that appear legitimate to the package manager while containing hidden malicious payloads or directory manipulation instructions.
Security mitigations for this vulnerability involve upgrading to pnpm versions 10.34.4 or 11.7.0 where proper validation of alias names and path handling has been implemented. Organizations should also implement lockfile integrity checks and consider automated scanning of dependency trees for suspicious alias patterns. The fix implements stricter validation of alias entries during installation, ensuring that all paths remain within the designated node_modules directory boundaries while properly handling reserved directory names that are critical to pnpm's internal operations.
This vulnerability represents a significant security concern in package management ecosystems where trust is placed in lockfile integrity, as it demonstrates how seemingly benign dependency resolution mechanisms can be exploited to compromise system security. The fix addresses fundamental path validation issues that could affect not only the local development environment but also continuous integration systems and production deployments that rely on automated package installation processes.
Organizations should verify their current pnpm installations against the affected versions and implement comprehensive testing procedures for lockfile changes before deployment. The vulnerability highlights the importance of input validation in dependency management systems and serves as a reminder of how complex package resolution algorithms can introduce unexpected security risks when proper boundary checking is not implemented.