CVE-2025-69264High· 8.8▾ Twilightpnpm is a package manager. Versions 10.0.0 through 10.25 allow git-hosted dependencies to execute arbitrary code during pnpm install, circumventing the v10 security feature "Dependency lifecycle scripts execution disabled by default". Wh…
▾ Twilight zone — High severity, or a signal on a lesser flaw
impact 48.4 · likelihood 0.2 · exploitation 0
The latest CVEs are free to read. CVE-2025-69264 is outside the free window — sign in (free) to view the full technical detail, affected versions, references, and raw markdown.