CVE-2026-48995
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk2th percentile — higher than 2% of all known CVEs
Summary
A vulnerability in pnpm package manager prior to versions 10.33.4 and 11.0.7 allows a malicious codeload.github.com server to serve arbitrary tarballs, which pnpm will install regardless of the lockfile. The lockfile does not store hashes for dependencies from this server, enabling package substitution.
Risk Assessment
The risk is that pnpm may install malicious packages instead of legitimate ones, potentially leading to system compromise, data theft, or application takeover.
Recommendation
Immediately upgrade pnpm to version 10.33.4 or 11.0.7, which include a fix for this vulnerability.
Original NVD description (English source)
pnpm is a package manager. Prior to 10.33.4 and 11.0.7, a malicious codeload.github.com server can serve whatever tarball it wants and pnpm will install it regardless of the lockfile. The lockfile does not store the hash of the dependencies from https://codeload.github.com. This means that if this server was compromised or a person's machine configuration was compromised, pnpm would download and install these dependencies. This vulnerability is fixed in 10.33.4 and 11.0.7.

