CVE-2026-50014 is a critical argument injection vulnerability in pnpm, a popular package manager for Node.js. The flaw lies in how pnpm handles Git dependencies recorded in the lockfile (`pnpm-lock.yaml`). During installation, pnpm runs `git fetch` and `git checkout` to retrieve the source of these dependencies. The vulnerable code path, in `fetching/git-fetcher/src/index.ts`, takes the `resolution.commit` value straight from the lockfile and appends it to these Git commands without any sanitization or validation.
Specifically, when a Git dependency is fetched shallowly, pnpm runs a command of the form `git fetch --depth 1 origin <commit>`. The `resolution.commit` value is not preceded by a `--` end-of-options separator, so Git parses a value beginning with a dash (`-`) as a command-line option rather than a commit hash. An attacker who can edit `pnpm-lock.yaml` can therefore replace the legitimate 40-character commit hash with a Git option such as `--upload-pack=<command>`.
The `--upload-pack` option is particularly dangerous because it names the program Git runs on the serving side of a fetch. For a local repository (a filesystem path or `file://` URL) that serving side is the machine running `pnpm install`, so the injected command runs there with the privileges of the installing user; for SSH transports Git passes the value as the remote command, so it runs on the SSH host as the authenticated user. HTTPS transports ignore `--upload-pack`, which makes the most common configuration immune, but the vulnerability poses a significant risk in environments that rely on SSH or local Git dependencies. The vulnerability affects pnpm versions prior to 10.34.0 and 11.4.0 and is fixed in those releases.
DailyCVE Form:
Platform: pnpm (npm/pnpm)
Version: <10.34.0, <11.4.0
Vulnerability: Argument Injection
Severity: Critical
Date: 2026-06-25
Prediction: 2026-06-26
What Undercode Say:
Exploit PoC (bash script `autofyn_audit/exploits/vuln11_git_upload_pack_rce/exploit.sh`): creates a local bare git repo and triggers the shallow-fetch path, replacing the lockfile commit hash with `--upload-pack=touch /tmp/vuln11_pwned`. Result: PASS, `/tmp/vuln11_pwned` created by the injected `touch` command.
Exploit:
To exploit CVE-2026-50014, an attacker must first be able to modify the `pnpm-lock.yaml` file that a victim will install from. This is a supply chain attack in practice: for example a pull request that edits the lockfile and is built by CI, or a repository the victim clones from an attacker-controlled source. The attacker alters the `resolution.commit` field of a Git dependency to a value such as `--upload-pack=id` or `--upload-pack=touch /tmp/pwned`. When the victim runs `pnpm install`, pnpm executes `git fetch --depth 1 origin --upload-pack=id`. If the dependency uses an SSH or local Git transport, `git fetch` runs the attacker's command. The proof-of-concept demonstrates this with a local `file://` repository to trigger the injection and execute a `touch` command, creating a file to confirm successful exploitation.
Protection:
- Upgrade pnpm: The most effective protection is to upgrade to pnpm 10.34.0 or 11.4.0 (or later), which contain the fix for this vulnerability.
- Validate Input: In the pnpm code path (this is a fix in pnpm itself rather than a user-side mitigation), check that the `resolution.commit` value matches a 40-character hexadecimal string (`/^[0-9a-f]{40}$/i`) before passing it to Git.
- Use `--` Separator: Always place a `--` separator in Git commands before any user-controlled or lockfile-controlled value so that Git stops option parsing and cannot interpret the value as a command-line option.
- Prefer HTTPS: Where possible, use HTTPS for Git dependencies; this transport ignores `--upload-pack` and is not vulnerable to this specific attack vector.
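As an added example (not pnpm's own code and not the reporter's PoC), the following TypeScript contrasts the vulnerable argument shape described above (`git fetch --depth 1 origin <commit>`) with a hardened builder that applies the two fixes listed here (the `/^[0-9a-f]{40}$/i` check and the `--` separator), and adds a heuristic scan you can run over a checked-in `pnpm-lock.yaml` to flag git resolutions whose `commit` field is not a full hex id before `pnpm install` runs. The lockfile layout it parses (one-line `resolution: {commit: ..., repo: ..., type: git}` flow maps under a two-space-indented package key) is an assumption made for the example, and the sample lockfile, package names, repo URLs and hashes are constructed.

```typescript
// Added example (not pnpm's code): the vulnerable argv shape the advisory
// describes, a hardened builder with the two recommended checks, and a
// heuristic scan of pnpm-lock.yaml for git resolutions whose commit is not a
// full hex object id.

// Full SHA-1 object id, the only thing a lockfile commit field should hold.
const COMMIT_RE = /^[0-9a-f]{40}$/i;

// Vulnerable shape: the lockfile value is the last positional argument with no
// "--" before it, so a value beginning with "-" is parsed by Git as an option.
function buildShallowFetchArgsVulnerable(commit: string): string[] {
  return ["fetch", "--depth", "1", "origin", commit];
}

// Hardened shape: refuse anything that is not a full hex commit id, and put
// "--" before the value so Git stops option parsing regardless.
function buildShallowFetchArgsSafe(commit: string): string[] {
  if (!COMMIT_RE.test(commit)) {
    throw new Error(`refusing to fetch: ${JSON.stringify(commit)} is not a 40-hex commit id`);
  }
  return ["fetch", "--depth", "1", "origin", "--", commit];
}

interface GitResolution {
  pkg: string;    // package key under "packages:"
  repo: string;   // resolution.repo
  commit: string; // resolution.commit, exactly as written in the lockfile
}

// Strips one layer of YAML single/double quotes from a flow-map scalar.
function unquote(s: string): string {
  const t = s.trim();
  if (t.length >= 2 && (t[0] === "'" || t[0] === '"') && t[t.length - 1] === t[0]) {
    return t.slice(1, -1);
  }
  return t;
}

// Pulls one "key: value" out of a YAML flow-map body; quoted values may contain
// commas and spaces, unquoted ones end at the next comma or closing brace.
function flowField(body: string, key: string): string | null {
  const m = body.match(new RegExp(`(?:^|[{,])\\s*${key}:\\s*('[^']*'|"[^"]*"|[^,}]+)`));
  return m ? unquote(m[1]) : null;
}

// Heuristic scan (assumption: pnpm writes git resolutions as one-line flow maps,
// "resolution: {commit: ..., repo: ..., type: git}", under a 2-space-indented
// package key). It is not a YAML parser and will miss block-style lockfiles.
function findGitResolutions(lockfile: string): GitResolution[] {
  const out: GitResolution[] = [];
  let pkg = "";
  for (const line of lockfile.split("\n")) {
    const key = line.match(/^  (['"]?)(.+?)\1:\s*$/);
    if (key) { pkg = key[2]; continue; }
    const res = line.match(/^\s+resolution:\s*\{(.*)\}\s*$/);
    if (!res) continue;
    const body = res[1];
    if (flowField(body, "type") !== "git") continue;
    const commit = flowField(body, "commit");
    const repo = flowField(body, "repo");
    if (commit !== null && repo !== null) out.push({ pkg, repo, commit });
  }
  return out;
}

// Git resolutions whose commit field would not survive the hardened builder.
function findSuspiciousCommits(lockfile: string): GitResolution[] {
  return findGitResolutions(lockfile).filter((r) => !COMMIT_RE.test(r.commit));
}

// Constructed sample lockfile: one registry package, one legitimate git
// dependency, and one whose commit field has been replaced with a Git option.
const SAMPLE_LOCKFILE = `lockfileVersion: '9.0'

packages:

  left-pad@1.3.0:
    resolution: {integrity: sha512-constructed-sample-integrity-value}

  'my-git-dep@git+ssh://git@github.com/example/my-git-dep.git#6b5ec1e':
    resolution: {commit: 6b5ec1e0c1a0d9d4ef5f4c8e1d2f3a4b5c6d7e8f, repo: git+ssh://git@github.com/example/my-git-dep.git, type: git}

  'evil-dep@git+ssh://git@github.com/example/evil-dep.git#deadbeef':
    resolution: {commit: '--upload-pack=touch /tmp/pwned', repo: git+ssh://git@github.com/example/evil-dep.git, type: git}
`;

for (const r of findSuspiciousCommits(SAMPLE_LOCKFILE)) {
  console.log(`tampered commit for ${r.pkg} (${r.repo}): ${r.commit}`);
}
```

Run the scan as a CI step before `pnpm install` and fail the job when it reports anything; it catches the lockfile tampering this CVE depends on even on a pnpm version that has not yet been upgraded, whereas the hardened builder shows the shape of the fix inside pnpm. The scan is deliberately conservative: any git resolution whose commit is not exactly 40 hex characters is reported, which is the same predicate the builder enforces.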
Impact:
Successful exploitation of CVE-2026-50014 allows an attacker to achieve arbitrary code execution on the system where `pnpm install` is run. The attacker can execute any command with the privileges of the user running the installation process. This could lead to a complete compromise of the development or build environment, including data theft, installation of malware, or further lateral movement within a network. The vulnerability is particularly dangerous in CI/CD pipelines or automated build systems, where a compromised lockfile could lead to widespread and silent breaches. The attack requires the dependency to use SSH or local Git transport, but this is a common configuration in many projects.
Sources:
Reported By: github.com

