CVE-2026-55700 | pnpm up to 11.5.2 Manifest name/version path traversal

Inserito da Angelo Barbosa | Giu 25, 2026 | CVE

A vulnerability was found in pnpm up to 11.5.2. It has been classified as critical. This impacts an unknown function of the component Manifest Handler. This manipulation of the argument name/version causes path traversal.

This vulnerability is tracked as CVE-2026-55700. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is recommended.

CVE-2026-55700 | pnpm up to 11.5.2 Manifest name/version path traversal

Post correlati

CVE-2025-15117 | Dromara Sa-Token up to 1.44.0 SaJdkSerializer.java ObjectInputStream.readObject deserialization

CVE-2022-45826 | WP Sunshine Sunshine Photo Cart Plugin up to 2.9.13 on WordPress authorization

CVE-2025-24008 | Siemens SIRIUS Safety Relays 3SK2 cleartext transmission (ssa-222768)

CVE-2024-49843 | Qualcomm Snapdragon Auto up to WSA8845H IOCTL array index