CVE-2026-50021 | pnpm up to 10.33.x/11.3.x pnpm-lock.yaml Integrity integrity check

A vulnerability was found in pnpm up to 10.33.x/11.3.x and classified as problematic. Impacted is an unknown function of the file pnpm-lock.yaml. Executing a manipulation of the argument Integrity can lead to improper validation of integrity check value.

This vulnerability is tracked as CVE-2026-50021. The attack can be launched remotely. No exploit exists.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More