Important severity8.2OSV Advisory· Published Jul 6, 2026
pnpm: pnpm: Path traversal in configDependencies env lockfile allows symlink creation outside node_modules/.pnpm-config
CVE-2026-59195
Description
pnpm: pnpm: Path traversal in configDependencies env lockfile allows symlink creation outside node_modules/.pnpm-config
Affected products
2Patches
Vulnerability mechanics
News mentions
0No linked articles in our index yet.