Threat Advisory

PDM Vulnerability Enables Code Injection Attacks

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT
Criticality: High

EXECUTIVE SUMMARY:

CVE-2026-47781 (CVSS 8.4) is a vulnerability in the pdm package affecting versions <= 2.26.9. Project-controlled content in the `.pdm-plugins` directory is executed before CLI parsing, which allows arbitrary code execution with the privileges of the user running `pdm` from an untrusted repository checkout. An attacker exploits it by placing a malicious `.pth` file in the project plugin directory; `site.addsitedir()` processes and executes that file before normal CLI handling begins, so local access to the repository and the ability to run any `pdm` command, even `pdm --version`, is enough to trigger it. The resulting code execution can lead to credential theft, persistence, or workspace tampering, and to privilege escalation when `pdm` is run via `sudo`, in root-owned CI jobs, or under privileged service accounts. The business impact is significant, since the security and integrity of the affected system can be compromised. Prerequisites for exploitation are a vulnerable `pdm` version and the ability to create or modify files in the project plugin directory.
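The mechanism above is the standard `.pth` behaviour of `site.addsitedir()`: any line in a `.pth` file that begins with `import` followed by a space or tab is passed to `exec()`. The following audit helper, added here as an example and not code from the advisory or the pdm project, flags such lines in `.pth` files under a checkout's `.pdm-plugins` directory and checks an installed pdm version against the 2.27.0 fix; the recursive search below the plugin directory is an assumption made to cover nested site-packages layouts.

```python
"""Audit helpers for CVE-2026-47781: flag project-controlled .pth files that a
vulnerable pdm (<= 2.26.9) would exec() via site.addsitedir() before CLI parsing,
and check whether an installed pdm version predates the 2.27.0 fix.
Added example for this advisory; not code from the pdm project."""
import re
from pathlib import Path

PLUGIN_DIR = ".pdm-plugins"        # project plugin directory named in the advisory
FIXED_VERSION = (2, 27, 0)         # first release with the fix, per the advisory
# site.addsitedir() -> site.addpackage(): any .pth line starting with
# "import " or "import\t" is passed to exec(); every other line is a path entry.
_EXEC_LINE = re.compile(r"^import[ \t]")


def executable_pth_lines(text: str) -> list[str]:
    """Return the lines of a .pth file body that site.addsitedir() would exec()."""
    return [ln.rstrip("\r") for ln in text.split("\n") if _EXEC_LINE.match(ln)]


def audit_checkout(root: Path) -> list[tuple[str, list[str]]]:
    """Report every .pth file under a .pdm-plugins directory that carries
    executable lines, as (path relative to root, executable lines) pairs.
    Assumption: the search is recursive below the plugin directory, which is
    broader than addsitedir's own top-level listing, to cover nested layouts."""
    findings: list[tuple[str, list[str]]] = []
    for plugin_dir in sorted(root.rglob(PLUGIN_DIR)):
        if not plugin_dir.is_dir():
            continue
        for pth in sorted(plugin_dir.rglob("*.pth")):
            lines = executable_pth_lines(pth.read_text(errors="replace"))
            if lines:
                findings.append((pth.relative_to(root).as_posix(), lines))
    return findings


def is_vulnerable(version: str) -> bool:
    """True when a pdm version string such as "2.26.9" predates the fixed release."""
    parts = [int(x) for x in re.findall(r"\d+", version)[:3]]
    parts += [0] * (3 - len(parts))
    return tuple(parts) < FIXED_VERSION


if __name__ == "__main__":
    import sys
    root = Path(sys.argv[1] if len(sys.argv) > 1 else ".")
    for path, lines in audit_checkout(root):
        print(f"{path}: {len(lines)} executable .pth line(s)")
        for ln in lines:
            print(f"    {ln}")
```

Run it against a checkout before invoking any `pdm` command on it; a non-empty report means the checkout would have executed code on a vulnerable pdm.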

RECOMMENDATION:

We recommend updating pdm to version 2.27.0.

REFERENCES:

The following reports contain further technical details:
https://github.com/advisories/GHSA-qq6c-99pv-prvf
