{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23888", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-01-16T21:02:02.902Z", "datePublished": "2026-01-26T21:37:17.483Z", "dateUpdated": "2026-01-27T21:41:06.094Z"}, "containers": {"cna": {"title": "pnpm: Binary ZIP extraction allows arbitrary file write via path traversal (Zip Slip)", "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "lang": "en", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-23", "lang": "en", "description": "CWE-23: Relative Path Traversal", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-426", "lang": "en", "description": "CWE-426: Untrusted Search Path", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/pnpm/pnpm/security/advisories/GHSA-6pfh-p556-v868", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/pnpm/pnpm/security/advisories/GHSA-6pfh-p556-v868"}, {"name": "https://github.com/pnpm/pnpm/commit/5c382f0ca3b7cc49963b94677426e66539dcb3f5", "tags": ["x_refsource_MISC"], "url": "https://github.com/pnpm/pnpm/commit/5c382f0ca3b7cc49963b94677426e66539dcb3f5"}, {"name": "https://github.com/pnpm/pnpm/releases/tag/v10.28.1", "tags": ["x_refsource_MISC"], "url": "https://github.com/pnpm/pnpm/releases/tag/v10.28.1"}], "affected": [{"vendor": "pnpm", "product": "pnpm", "versions": [{"version": "< 10.28.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-26T22:00:59.720Z"}, "descriptions": [{"lang": "en", "value": "pnpm is a package manager. Prior to version 10.28.1, a path traversal vulnerability in pnpm's binary fetcher allows malicious packages to write files outside the intended extraction directory. The vulnerability has two attack vectors: (1) Malicious ZIP entries containing `../` or absolute paths that escape the extraction root via AdmZip's `extractAllTo`, and (2) The `BinaryResolution.prefix` field is concatenated into the extraction path without validation, allowing a crafted prefix like `../../evil` to redirect extracted files outside `targetDir`. The issue impacts all pnpm users who install packages with binary assets, users who configure custom Node.js binary locations and CI/CD pipelines that auto-install binary dependencies. It can lead to overwriting config files, scripts, or other sensitive files leading to RCE. Version 10.28.1 contains a patch."}], "source": {"advisory": "GHSA-6pfh-p556-v868", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-27T21:40:56.936224Z", "id": "CVE-2026-23888", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-27T21:41:06.094Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-23888", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-27T21:40:56.936224Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-27T21:41:02.369Z"}}], "cna": {"title": "pnpm: Binary ZIP extraction allows arbitrary file write via path traversal (Zip Slip)", "source": {"advisory": "GHSA-6pfh-p556-v868", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "pnpm", "product": "pnpm", "versions": [{"status": "affected", "version": "< 10.28.1"}]}], "references": [{"url": "https://github.com/pnpm/pnpm/security/advisories/GHSA-6pfh-p556-v868", "name": "https://github.com/pnpm/pnpm/security/advisories/GHSA-6pfh-p556-v868", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/pnpm/pnpm/commit/5c382f0ca3b7cc49963b94677426e66539dcb3f5", "name": "https://github.com/pnpm/pnpm/commit/5c382f0ca3b7cc49963b94677426e66539dcb3f5", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/pnpm/pnpm/releases/tag/v10.28.1", "name": "https://github.com/pnpm/pnpm/releases/tag/v10.28.1", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "pnpm is a package manager. Prior to version 10.28.1, a path traversal vulnerability in pnpm's binary fetcher allows malicious packages to write files outside the intended extraction directory. The vulnerability has two attack vectors: (1) Malicious ZIP entries containing `../` or absolute paths that escape the extraction root via AdmZip's `extractAllTo`, and (2) The `BinaryResolution.prefix` field is concatenated into the extraction path without validation, allowing a crafted prefix like `../../evil` to redirect extracted files outside `targetDir`. The issue impacts all pnpm users who install packages with binary assets, users who configure custom Node.js binary locations and CI/CD pipelines that auto-install binary dependencies. It can lead to overwriting config files, scripts, or other sensitive files leading to RCE. Version 10.28.1 contains a patch."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-23", "description": "CWE-23: Relative Path Traversal"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-426", "description": "CWE-426: Untrusted Search Path"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-26T22:00:59.720Z"}}}, "cveMetadata": {"cveId": "CVE-2026-23888", "state": "PUBLISHED", "dateUpdated": "2026-01-27T21:41:06.094Z", "dateReserved": "2026-01-16T21:02:02.902Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-01-26T21:37:17.483Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pnpm:pnpm:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "5AFF60E6-D1CC-46A7-9122-988E9B68D1B9", "versionEndExcluding": "10.28.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "pnpm is a package manager. Prior to version 10.28.1, a path traversal vulnerability in pnpm's binary fetcher allows malicious packages to write files outside the intended extraction directory. The vulnerability has two attack vectors: (1) Malicious ZIP entries containing `../` or absolute paths that escape the extraction root via AdmZip's `extractAllTo`, and (2) The `BinaryResolution.prefix` field is concatenated into the extraction path without validation, allowing a crafted prefix like `../../evil` to redirect extracted files outside `targetDir`. The issue impacts all pnpm users who install packages with binary assets, users who configure custom Node.js binary locations and CI/CD pipelines that auto-install binary dependencies. It can lead to overwriting config files, scripts, or other sensitive files leading to RCE. Version 10.28.1 contains a patch."}], "id": "CVE-2026-23888", "lastModified": "2026-01-28T17:47:32.307", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-01-26T22:15:56.047", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/pnpm/pnpm/commit/5c382f0ca3b7cc49963b94677426e66539dcb3f5"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/pnpm/pnpm/releases/tag/v10.28.1"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/pnpm/pnpm/security/advisories/GHSA-6pfh-p556-v868"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}, {"lang": "en", "value": "CWE-23"}, {"lang": "en", "value": "CWE-426"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "pnpm: pnpm: Arbitrary file write via path traversal in binary fetcher leading to remote code execution", "id": "2433095", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433095"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "status": "draft"}, "cwe": "(CWE-22|CWE-23|CWE-426)", "details": ["A flaw was found in pnpm, a package manager. A path traversal vulnerability in pnpm's binary fetcher allows malicious packages to write files outside the intended extraction directory. This can occur through malicious ZIP entries containing directory traversal sequences (../) or absolute paths, or by a crafted BinaryResolution.prefix field. An attacker could exploit this to overwrite sensitive files, potentially leading to remote code execution (RCE)."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2026-23888", "package_state": [{"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8", "fix_state": "Fix deferred", "package_name": "org.keycloak-keycloak-parent", "product_name": "Red Hat JBoss Enterprise Application Platform 8"}, {"cpe": "cpe:/a:redhat:jbosseapxp", "fix_state": "Fix deferred", "package_name": "org.keycloak-keycloak-parent", "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack"}], "public_date": "2026-01-26T21:37:17Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-23888\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23888\nhttps://github.com/pnpm/pnpm/commit/5c382f0ca3b7cc49963b94677426e66539dcb3f5\nhttps://github.com/pnpm/pnpm/releases/tag/v10.28.1\nhttps://github.com/pnpm/pnpm/security/advisories/GHSA-6pfh-p556-v868"], "statement": "This vulnerability is rated Moderate for Red Hat Enterprise Application Platform. A path traversal flaw in pnpm's binary fetcher allows malicious packages to write files outside the intended directory. This could lead to remote code execution if an attacker can provide a specially crafted package.", "threat_severity": "Moderate"}

{"analysis": {"en": {"generated_at": "2026-04-18T02:37:08.877958+00:00", "value": {"mitigation_remediation": ["Upgrade pnpm to version 10.28.1 or later to receive the fix for the zip\u2011extraction path traversal flaw", "If an upgrade is not immediately possible, restrict or validate the set of packages that include binary assets, for example by whitelisting trusted sources or by using npm\u2011install\u2011ci to enforce checks on extraction paths", "Apply a policy to ensure that any binary dependencies are sourced from repositories with verified signatures or lockfiles, and monitor the installation process for anomalous extraction paths"], "summary": {"action": "Patch Immediately", "impact": "Arbitrary File Write Leading to Possible Remote Code Execution"}, "threat_synthesis": {"affected_systems": "All users of pnpm versions earlier than 10.28.1 who install packages that include binary assets are affected. This includes local developers, teams that accept external packages, and continuous\u2011integration or deployment workflows that automatically resolve and install binary dependencies. Custom Node.js binary configurations or named prefixes that developers configure are also susceptible if used with the affected pnpm release.", "description_and_impact": "A path traversal flaw in pnpm's binary fetcher enables attackers to cause the extractor to write files outside the intended extraction directory. By including ZIP entries that contain ../ sequences or absolute paths, or by supplying a malicious BinaryResolution.prefix that is concatenated without validation, a package can overwrite arbitrary files. This flaw is classified under CWE-22, CWE-23 and CWE-426 and can lead to the replacement of configuration files, scripts, and other important assets, effectively enabling remote code execution on the node application environment.", "risk_and_exploitability": "The CVSS score is 6.5, indicating medium severity. EPSS is reported as less than 1%, suggesting a low estimated exploitation probability, and the vulnerability is not listed in CISA\u2019s KEV catalog. However, because the flaw allows an attacker who can supply a malicious package to write to arbitrary locations, it could lead to the execution of injected code once the malicious binary is executed. The likely attack vector is supply\u2011chain tampering during package installation, commonly via compromised or forged dependencies, which is a realistic threat for projects that fetch from public registries or use CI/CD pipelines that automatically install dependencies."}}}}, "created": "2026-01-27T09:03:22.979956+00:00", "updated": "2026-04-18T02:45:27.279771+00:00", "vendors": ["pnpm", "pnpm$PRODUCT$pnpm"]}