CVE-2026-55700 - pnpm stage download symlink traversal

pnpm can build stage-download symlink targets from crafted package names and write outside the intended directory tree. In untrusted install paths this is a filesystem write primitive that can corrupt workspaces or privileged runners.

Affected versions

  • Vulnerable: pnpm <10.34.3
  • Vulnerable: pnpm >=11.0.0, <11.5.3
  • Fixed: 10.34.3+ or 11.5.3+

Indicator-of-exposure

  • Vulnerable pnpm is used in CI, local bootstrap, or build images.
  • The install path processes untrusted package names or lockfile content.

Remediation strategy

  • Upgrade pnpm to 10.34.3+ or 11.5.3+ everywhere it is controlled.
  • Reject traversal-shaped package names and prove final symlink targets stay under the intended root before filesystem writes.
  • Run untrusted installs without publish, deploy, or signing credentials.

The prompt

Model context: this prompt was generated by GPT 5.5 Extra High reasoning.

Remediate CVE-2026-55700 in pnpm. Produce either a reviewer-ready PR that
upgrades pnpm, hardens repository-controlled symlink/path validation, and
documents operator cleanup, or TRIAGE.md if this repo does not control the
affected pnpm runtime.

Rules:
- Scope only pnpm pins, install tooling, lockfile validation, CI jobs, and images.
- Do not create traversal-shaped symlinks outside the repository during validation.

Steps:
1. Inventory all controlled pnpm versions and install paths.
2. Upgrade every vulnerable pin to 10.34.3+ or 11.5.3+.
3. Add or verify path-boundary checks before symlink creation.
4. Validate trusted install flows and repository tests.
5. Use PR title `fix(sec): remediate pnpm stage-download symlink traversal`.

Verification

  • No controlled pnpm environment remains vulnerable.
  • Repository-controlled path helpers reject traversal-shaped symlink targets.

References