A vulnerability was found in pnpm up to 10.33.3/11.3.x and classified as problematic . This affects an unknown function. The manipulation results in information disclosure. This vulnerability is identified as CVE-2026-50017 . The attack can be executed remotely. There is not any exploit available. It is suggested to upgrade the affected component.