CVE-2024-53866
published 2024-12-10CVE-2024-53866: The package manager pnpm prior to version 9.15.0 seems to mishandle overrides and global cache: Overrides from one workspace leak into npm metadata saved in…
PriorityP260critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.94%
56.5th percentile
The package manager pnpm prior to version 9.15.0 seems to mishandle overrides and global cache: Overrides from one workspace leak into npm metadata saved in global cache; npm metadata from global cache affects other workspaces; and installs by default don't revalidate the data (including on first lockfile generation). This can make workspace A (even running with `ignore-scripts=true`) posion global cache and execute scripts in workspace B. Users generally expect `ignore-scripts` to be sufficient to prevent immediate code execution on install (e.g. when the tree is just repacked/bundled without executing it). Here, that expectation is broken. Global state integrity is lost via operations that one would expect to be secure, enabling subsequently running arbitrary code execution on installs. Version 9.15.0 fixes the issue. As a work-around, use separate cache and store dirs in each workspace.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| pnpm | pnpm | < 9.15.0 | 9.15.0 |
| pnpm | pnpm | >= 0 < 9.15.0 | 9.15.0 |
| pnpm | pnpm | >= 6.25.0 < 10.27.0 | 10.27.0 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv4.05.8MEDIUMCVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
pnpm vulnerable to Command Injection via environment variable substitution
osv·2026-01-07
CVE-2025-69262 [HIGH] pnpm vulnerable to Command Injection via environment variable substitution
pnpm vulnerable to Command Injection via environment variable substitution
## Summary
A command injection vulnerability exists in pnpm when using environment variable substitution in `.npmrc` configuration files with `tokenHelper` settings. An attacker who can control environment variables during pnpm operations could achieve remote code execution (RCE) in build environments.
## Affected Components
- **Package**: pnpm
- **Versions**: All versions using `@pnpm/config.env-replace` and `loadToken` functionality
- **File**: `pnpm/network/auth-header/src/getAuthHeadersFromConfig.ts` - `loadToken()` function
- **File**: `pnpm/config/config/src/readLocalConfig.ts` - `.npmrc` environment variable substitution
## Technical Details
### Vulnerability Chain
1. **Environment Variable Substitutio
GHSA
pnpm vulnerable to Command Injection via environment variable substitution
ghsa·2026-01-07
CVE-2025-69262 [HIGH] CWE-78 pnpm vulnerable to Command Injection via environment variable substitution
pnpm vulnerable to Command Injection via environment variable substitution
## Summary
A command injection vulnerability exists in pnpm when using environment variable substitution in `.npmrc` configuration files with `tokenHelper` settings. An attacker who can control environment variables during pnpm operations could achieve remote code execution (RCE) in build environments.
## Affected Components
- **Package**: pnpm
- **Versions**: All versions using `@pnpm/config.env-replace` and `loadToken` functionality
- **File**: `pnpm/network/auth-header/src/getAuthHeadersFromConfig.ts` - `loadToken()` function
- **File**: `pnpm/config/config/src/readLocalConfig.ts` - `.npmrc` environment variable substitution
## Technical Details
### Vulnerability Chain
1. **Environment Variable Substitutio
GHSA
pnpm no-script global cache poisoning via overrides / `ignore-scripts` evasion
ghsa·2024-12-10
CVE-2024-53866 [MEDIUM] CWE-346 pnpm no-script global cache poisoning via overrides / `ignore-scripts` evasion
pnpm no-script global cache poisoning via overrides / `ignore-scripts` evasion
### Summary
pnpm seems to mishandle overrides and global cache:
1. Overrides from one workspace leak into npm metadata saved in global cache
2. npm metadata from global cache affects other workspaces
3. installs by default don't revalidate the data (including on first lockfile generation)
This can make workspace A (even running with `ignore-scripts=true`) posion global cache and execute scripts in workspace B
Users generally expect `ignore-scripts` to be sufficient to prevent immediate code execution on install (e.g. when the tree is just repacked/bundled without executing it).
Here, that expectation is broken
### Details
See PoC.
In it, overrides from a single run of A get leaked into e.g. `~/Library/Ca
OSV
pnpm no-script global cache poisoning via overrides / `ignore-scripts` evasion
osv·2024-12-10
CVE-2024-53866 [MEDIUM] pnpm no-script global cache poisoning via overrides / `ignore-scripts` evasion
pnpm no-script global cache poisoning via overrides / `ignore-scripts` evasion
### Summary
pnpm seems to mishandle overrides and global cache:
1. Overrides from one workspace leak into npm metadata saved in global cache
2. npm metadata from global cache affects other workspaces
3. installs by default don't revalidate the data (including on first lockfile generation)
This can make workspace A (even running with `ignore-scripts=true`) posion global cache and execute scripts in workspace B
Users generally expect `ignore-scripts` to be sufficient to prevent immediate code execution on install (e.g. when the tree is just repacked/bundled without executing it).
Here, that expectation is broken
### Details
See PoC.
In it, overrides from a single run of A get leaked into e.g. `~/Library/Ca
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-12-10
Published