CVE-2026-50016 | pnpm up to 10.33.3/11.3.x path traversal

June 25, 2026 Yanac

A vulnerability marked as critical has been reported in pnpm up to 10.33.3/11.3.x. Affected by this issue is some unknown functionality. The manipulation leads to relative path traversal.

This vulnerability is traded as CVE-2026-50016. It is possible to initiate the attack remotely. There is no exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More