Pnpm Security Vulnerabilities (CVEs)
Track 6 security vulnerabilities affecting Pnpm products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This CVE describes a command injection vulnerability in pnpm package manager versions 6.25.0 through 10.26.2. Attackers who can control environment va...
Jan 7, 2026
This CVE allows attackers to serve malicious code through HTTP tarball dependencies in pnpm packages. The lockfile fails to provide integrity verifica...
Jan 7, 2026
This vulnerability in pnpm package manager versions 10.0.0 through 10.25 allows git-hosted dependencies to execute arbitrary code during installation....
Jan 7, 2026
This vulnerability in pnpm (package manager) uses MD5 hashing for path shortening, which can cause collisions where two different libraries get stored...
Apr 23, 2025
This vulnerability in pnpm package manager allows malicious npm packages to bypass security controls and execute arbitrary code during installation. I...
Dec 10, 2024
This vulnerability in pnpm allows attackers to create specially crafted tarballs that appear safe when inspected on npm registry or installed via npm,...
Aug 1, 2023
Why Monitor Pnpm Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 6+ known vulnerabilities affecting Pnpm products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Pnpm packages in under 60 seconds. No agents required - completely agentless scanning that works across Pnpm deployments.
Free vulnerability database: Access detailed information about every Pnpm CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.