CVE ID :CVE-2026-55698 Published : June 25, 2026, 4:43 p.m. | 4 hours, 27 minutes ago Description :pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm can persist package-manager bootstrap metadata in the first YAML document of pnpm-lock.yaml. Before the patch, direct pnpm execution...

#Sicherheitslücke #Update

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-55698 - pnpm: Project env lockfile can short-circuit package-manager resolution and execute lockfile-selected pnpm bytes

VERWANDTEARTIKEL

USN-8477-1: tar vulnerability

CVE-2026-56445 - pydicom pynetdicom Library Path Traversal

CVE-2026-12473 - OHIF Viewers DICOM Server-Side request forgery

CVE-2026-6679 - DTLS 1.3 ACK serialization heap buffer overflow via integer truncation

CVE-2026-11310 - X.509 trust-chain bypass in wolfSSL_X509_verify_cert() via untrusted intermediate anchoring

CVE-2026-55958 - Renesas TSIP TLS 1.3 transcript buffer out-of-bounds write in tsip_StoreMessage