CVE-2026-55700 - pnpm stage download symlink traversal
pnpm can build stage-download symlink targets from crafted package names and write outside the intended directory tree. In untrusted install paths this is a filesystem write primitive that can corrupt workspaces or privileged runners.
Affected versions
- Vulnerable:
pnpm <10.34.3 - Vulnerable:
pnpm >=11.0.0, <11.5.3 - Fixed:
10.34.3+or11.5.3+
Indicator-of-exposure
- Vulnerable pnpm is used in CI, local bootstrap, or build images.
- The install path processes untrusted package names or lockfile content.
Remediation strategy
- Upgrade pnpm to
10.34.3+or11.5.3+everywhere it is controlled. - Reject traversal-shaped package names and prove final symlink targets stay under the intended root before filesystem writes.
- Run untrusted installs without publish, deploy, or signing credentials.
The prompt
Model context: this prompt was generated by GPT 5.5 Extra High reasoning.
Remediate CVE-2026-55700 in pnpm. Produce either a reviewer-ready PR that
upgrades pnpm, hardens repository-controlled symlink/path validation, and
documents operator cleanup, or TRIAGE.md if this repo does not control the
affected pnpm runtime.
Rules:
- Scope only pnpm pins, install tooling, lockfile validation, CI jobs, and images.
- Do not create traversal-shaped symlinks outside the repository during validation.
Steps:
1. Inventory all controlled pnpm versions and install paths.
2. Upgrade every vulnerable pin to 10.34.3+ or 11.5.3+.
3. Add or verify path-boundary checks before symlink creation.
4. Validate trusted install flows and repository tests.
5. Use PR title `fix(sec): remediate pnpm stage-download symlink traversal`.
Verification
- No controlled pnpm environment remains vulnerable.
- Repository-controlled path helpers reject traversal-shaped symlink targets.
References
- GitHub Advisory Database entry: https://github.com/advisories?query=CVE-2026-55700
- GitLab advisory mirror: https://advisories.gitlab.com/pkg/npm/pnpm/CVE-2026-55700/