CVE-2026-55697 | pnpm up to 10.34.1/11.5.2 pnpm-workspace.yaml os command injection

Inserito da Angelo Barbosa | Giu 25, 2026 | CVE

A vulnerability classified as critical was found in pnpm up to 10.34.1/11.5.2. This issue affects some unknown processing of the file pnpm-workspace.yaml. Such manipulation leads to os command injection.

This vulnerability is uniquely identified as CVE-2026-55697. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is advised.

CVE-2026-55697 | pnpm up to 10.34.1/11.5.2 pnpm-workspace.yaml os command injection

Post correlati

CVE-2025-6226 | Mattermost up to 9.11.16/10.5.6/10.7.3/10.8.1 Private Channel missing authentication

CVE-2026-30898 | Apache Airflow up to 3.1.x BashOperator dag_run.conf injection

CVE-2025-11657 | ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59 /assets/createNotice.php File unrestricted upload

CVE-2024-50656 | itsourcecode Placement Management System 1.0 registration.php Full Name cross site scripting