CVE ID :CVE-2026-50016 Published : June 25, 2026, 4:53 p.m. | 4 hours, 18 minutes ago Description :pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm allows a transitive dependency alias from registry package metadata to contain path traversal segments. During install, pnpm later...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-50016 - pnpm: Transitive dependency alias path traversal allows project path override via symlink replacement

VERWANDTEARTIKEL

USN-8477-1: tar vulnerability

CVE-2026-56445 - pydicom pynetdicom Library Path Traversal

CVE-2026-12473 - OHIF Viewers DICOM Server-Side request forgery

CVE-2026-6679 - DTLS 1.3 ACK serialization heap buffer overflow via integer truncation

CVE-2026-11310 - X.509 trust-chain bypass in wolfSSL_X509_verify_cert() via untrusted intermediate anchoring

CVE-2026-55958 - Renesas TSIP TLS 1.3 transcript buffer out-of-bounds write in tsip_StoreMessage