← All advisoriesImportant severity8.8NVD Advisory· Published Jun 25, 2026pnpm: pnpm: Arbitrary code execution via malicious package-manager lockfileCVE-2026-55698Descriptionpnpm: pnpm: Arbitrary code execution via malicious package-manager lockfileAffected products2Pnpm/Pnpminferred2 versions(expand)+ 1 more(no CPE)(no CPE)PatchesVulnerability mechanicsNews mentions0No linked articles in our index yet.