A vulnerability classified as problematic has been found in pnpm up to 10.34.1/11.5.2 . This vulnerability affects unknown code of the file pnpm-workspace.yaml . This manipulation causes information disclosure. This vulnerability is handled as CVE-2026-55180 . The attack can be initiated remotely. There is not any exploit available. It is recommended to upgrade the affected component.