CVE-2025-69264
Published 2026-01-07
CVE-2025-69264: pnpm is a package manager. Versions 10.0.0 through 10.25 allow git-hosted dependencies to execute arbitrary code during pnpm install, circumventing the v10…
Priority P270 · critical 9.8 · CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.02% (59.2th percentile)
pnpm is a package manager. Versions 10.0.0 through 10.25 allow git-hosted dependencies to execute arbitrary code during pnpm install, circumventing the v10 security feature "Dependency lifecycle scripts execution disabled by default". While pnpm v10 blocks postinstall scripts via the onlyBuiltDependencies mechanism, git dependencies can still execute prepare, prepublish, and prepack scripts during the fetch phase, enabling remote code execution without user consent or approval. This issue is fixed in version 10.26.0.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| pnpm | pnpm | — | — |
| pnpm | pnpm | >= 10.0.0 < 10.26.0 | 10.26.0 |
Detection & IOCs (extracted from sources)
- Monitor for execution of prepare, prepublish, or prepack lifecycle scripts during the pnpm install fetch phase, particularly when installing git-hosted dependencies: these scripts can execute arbitrary code even when onlyBuiltDependencies is configured.
- Detect pnpm installs that reference git-hosted dependencies (e.g., git+https://, github:, gitlab: prefixes in package.json or pnpm-lock.yaml) as a risk indicator for this bypass technique.
- Researchers confirmed a proof-of-concept abusing a related git-dependency script execution technique to create a reverse shell; monitor for unexpected outbound network connections spawned from pnpm install child processes.
- The pnpm v10 onlyBuiltDependencies mechanism (intended to block postinstall scripts) does NOT protect against script execution for git-hosted dependencies; prepare, prepublish, and prepack scripts still run during the fetch phase regardless of this setting.
- The "Dependency lifecycle scripts execution disabled by default" security feature introduced in pnpm v10 is bypassed by this vulnerability for git-hosted dependencies; do not rely on this control alone when git dependencies are present.
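As an added defender-side example (not from the advisory or from pnpm itself): a Python checker that flags git-hosted specifiers in a package.json, counts git resolutions in a pnpm-lock.yaml, and tests whether a pnpm version falls in the affected range. The lockfile scan assumes pnpm's `type: git` resolution marker, the bare `owner/repo` shorthand is treated as a GitHub git specifier, and the sample manifest and lock excerpt are constructed.

```python
import json
import re

# Specifiers that make pnpm fetch from git instead of the registry: the
# git+https://, github:, gitlab: prefixes named in the advisory, other git
# hosts, and the bare "owner/repo" GitHub shorthand (assumed git shorthand).
GIT_SPEC_RE = re.compile(
    r"^(?:git\+(?:https?|ssh|git|file)://|git://|github:|gitlab:|bitbucket:|gist:"
    r"|[A-Za-z0-9_.-]+/[A-Za-z0-9_.-]+(?:#\S*)?$)"
)
SECTIONS = ("dependencies", "devDependencies", "optionalDependencies", "peerDependencies")

def find_git_dependencies(package_json_text):
    """Return [(section, name, spec)] for each git-hosted specifier in a package.json."""
    manifest = json.loads(package_json_text)
    hits = []
    for section in SECTIONS:
        for name, spec in manifest.get(section, {}).items():
            if isinstance(spec, str) and GIT_SPEC_RE.match(spec):
                hits.append((section, name, spec))
    return hits

def count_git_resolutions(lockfile_text):
    """Count git resolutions in pnpm-lock.yaml via a plain line scan (no YAML parser);
    assumes pnpm writes 'type: git' inside the 'resolution:' entry."""
    return sum(1 for line in lockfile_text.splitlines() if "type: git" in line)

def pnpm_is_affected(version):
    """True when `version` is in the advisory's range >= 10.0.0 and < 10.26.0."""
    nums = tuple(int(p) for p in version.split("-")[0].split("."))
    return (10, 0, 0) <= nums < (10, 26, 0)

# Constructed sample manifest and lock excerpt (not taken from any real project).
SAMPLE_PACKAGE_JSON = json.dumps({
    "dependencies": {"left-pad": "^1.3.0",
                     "evil-lib": "git+https://example.invalid/acme/evil-lib.git"},
    "devDependencies": {"gh-tool": "github:acme/gh-tool#v2", "short": "acme/short"},
})
SAMPLE_LOCK = (
    "packages:\n  evil-lib@0.0.0:\n"
    "    resolution: {type: git, repo: 'https://example.invalid/acme/evil-lib.git', commit: 0000}\n"
)

if __name__ == "__main__":
    for section, name, spec in find_git_dependencies(SAMPLE_PACKAGE_JSON):
        print(f"git-hosted dependency in {section}: {name} -> {spec}")
    print("git resolutions in lockfile:", count_git_resolutions(SAMPLE_LOCK))
    print("pnpm 10.25.0 affected:", pnpm_is_affected("10.25.0"))
```

Run it against a real project by reading package.json and pnpm-lock.yaml from disk and passing their contents to the two functions.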
CVSS provenance
- nvd · v3.1 · 9.8 CRITICAL · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- vendor_redhat · 8.8 HIGH
GHSA
ghsa · 2026-01-07
CVE-2025-69264 [HIGH] CWE-693 pnpm v10+ Bypass "Dependency lifecycle scripts execution disabled by default"
# pnpm v10+ Git Dependency Script Execution Bypass
### Summary
A security bypass vulnerability in pnpm v10+ allows git-hosted dependencies to execute arbitrary code during `pnpm install`, circumventing the v10 security feature "Dependency lifecycle scripts execution disabled by default". While pnpm v10 blocks `postinstall` scripts via the `onlyBuiltDependencies` mechanism, git dependencies can still execute `prepare`, `prepublish`, and `prepack` scripts during the fetch phase, enabling remote code execution without user consent or approval.
### Details
pnpm v10 introduced a security feature to disable dependency lifecycle scripts by default ([PR #8897](https://github.com/pnpm/pnpm/pull/8897)). This is implem
OSV
osv · 2026-01-07
CVE-2025-69264 [HIGH] pnpm v10+ Bypass "Dependency lifecycle scripts execution disabled by default"
(Advisory text identical to the GHSA entry above.)
Red Hat
vendor_redhat · 2026-01-07 · CVSS 8.8
CVE-2025-69264 [HIGH] CWE-693 pnpm: pnpm code execution
A code execution vector has been discovered in pnpm. Versions 10.0.0 through 10.25 allow git-hosted dependencies to execute arbitrary code during pnpm install, circumventing the v10 security feature "Dependency lifecycle scripts execution disabled b
No detection rules found.
No public exploits indexed.
Bleepingcomputer
blogs_bleepingcomputer · 2026-01-26
## Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies
By Bill Toulas
The defense mechanisms that NPM introduced after the 'Shai-Hulud' supply-chain attacks have weaknesses that allow threat actors to bypass them via Git dependencies.
Collectively called PackageGate, the vulnerabilities were discovered in multiple utilities in the JavaScript ecosystem that allow managing dependencies, like pnpm, vlt, Bun, and NPM.
Researchers at endpoint and supply-chain security company Koi discovered the issues and reported them to the vendors. They say that the problems were addressed in all tools except NPM, which closed the report stating that the behavior "works as expected."
## Script execution bypass
The self-spreading Shai-Hulud supply-chain attack initially impacted npm in m
Wiz
blogs_wiz · CVSS 8.8
CVE-2025-69264 [HIGH] CVE-2025-69264 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-69264: JavaScript vulnerability analysis and mitigation
Source: NVD
- Score: 9.8
- Published: January 7, 2026
- Severity: CRITICAL
- CNA Score: 8.8
- Affected Technologies: JavaScript, NixOS
- Has Public Exploit: Yes
- Has CISA KEV Exploit: No
- CISA KEV Release Date: not listed
Bugzilla
bugzilla · 2026-01-07 · CVSS 9.8
CVE-2025-69264 [CRITICAL] CVE-2025-69264 nodejs-pnpm: pnpm code execution [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy to close all bug reports from releases that a
References:
- https://github.com/pnpm/pnpm/commit/73cc63504d9bc360c43e4b2feb9080677f03c5b5
- https://github.com/pnpm/pnpm/security/advisories/GHSA-379q-355j-w6rj
- https://access.redhat.com/security/cve/CVE-2025-69264
- https://bugzilla.redhat.com/show_bug.cgi?id=2427709
- https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69264.json
Published: 2026-01-07