Description
Tina is a headless content management system. Prior to version 2.2.2, @tinacms/graphql uses string-based path containment checks in FilesystemBridge. That blocks plain ../ traversal, but it does not resolve symlink or junction targets. If a symlink/junction already exists under the allowed content root, a path like content/posts/pivot/owned.md is still considered "inside" the base even though the real filesystem target can be outside it. As a result, FilesystemBridge.get(), put(), delete(), and glob() can operate on files outside the intended root. This issue has been patched in version 2.2.2.
Published: 2026-04-01
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: File Access Outside Root (Potential Data Leakage)
Action: Patch Immediately
AI Analysis

Impact

The FilesystemBridge in @tinacms/graphql validates paths with a string-based containment check. That blocks plain ../ traversal, but it never resolves symlink or junction targets, so a path that runs through a link already present under the content root is accepted as "inside" even though its real target lies elsewhere. As a result, get(), put(), delete(), and glob() can act on files outside the intended root. An attacker able to introduce or influence a symlink or junction under the content root can read, overwrite, or delete the files it points to, potentially exposing sensitive data or compromising application integrity.

Affected Systems

The vulnerability affects Tina CMS through its @tinacms/graphql library (tracked on this page under both the tinacms and ssw vendor entries). All releases prior to version 2.2.2 are vulnerable; version 2.2.2 and later include the fix.

Risk and Exploitability

With a CVSS 3.1 base score of 7.1 (AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L), the flaw is rated high severity: it is reachable over the network by a low-privileged user, but attack complexity is high because a symlink or junction must already exist under the content root before the check can be bypassed. The EPSS score is below 1% and the vulnerability is not listed in CISA's KEV catalog; the SSVC assessment records proof-of-concept exploitation and rates it not automatable. An attacker who can get such a link placed under the content root, and then request paths through it via the GraphQL layer, can read, modify, or delete files outside the root and thereby exfiltrate data or tamper with the deployment.

Generated by OpenCVE AI on April 7, 2026 at 21:48 UTC.

Remediation

Vendor fix: upgrade @tinacms/graphql to version 2.2.2 or later, which resolves the issue (see GHSA-g9c2-gf25-3x67). No vendor workaround is documented for earlier versions.

OpenCVE Recommended Actions

  • Upgrade @tinacms/graphql to version 2.2.2 or later
  • If upgrade is not feasible, ensure that no symlinks or junctions exist under the allowed content root; note that string-based sanitisation of input paths does not close this hole, because the check has to resolve the real path (for example with fs.realpath) before testing containment
  • Monitor filesystem operations for unauthorized access attempts

Advisories
Source: GitHub GHSA
ID: GHSA-g9c2-gf25-3x67
Title: @tinacms/graphql's `FilesystemBridge` Path Validation Can Be Bypassed via Symlinks or Junctions
History

Tue, 07 Apr 2026 20:45:00 +0000

Values removed: none
Values added:
First Time appeared: Ssw; Ssw tinacms/graphql
CPEs: cpe:2.3:a:ssw:tinacms\/graphql:*:*:*:*:*:node.js:*:*
Vendors & Products: Ssw; Ssw tinacms/graphql

Thu, 02 Apr 2026 20:30:00 +0000

Values removed: none
Values added:
First Time appeared: Tina; Tina tinacms
Vendors & Products: Tina; Tina tinacms

Wed, 01 Apr 2026 23:45:00 +0000

Values removed: none
Values added:
Description: Tina is a headless content management system. Prior to version 2.2.2, @tinacms/graphql uses string-based path containment checks in FilesystemBridge. That blocks plain ../ traversal, but it does not resolve symlink or junction targets. If a symlink/junction already exists under the allowed content root, a path like content/posts/pivot/owned.md is still considered "inside" the base even though the real filesystem target can be outside it. As a result, FilesystemBridge.get(), put(), delete(), and glob() can operate on files outside the intended root. This issue has been patched in version 2.2.2.
Title: @tinacms/graphql's `FilesystemBridge` Path Validation Can Be Bypassed via Symlinks or Junctions
Weaknesses: CWE-22, CWE-59
References: (none shown)
Metrics:
cvssV3_1: {'score': 7.1, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L'}
ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-01T17:59:46.120Z

Reserved: 2026-03-30T17:15:52.500Z

Link: CVE-2026-34604

Vulnrichment

Updated: 2026-04-01T17:59:37.575Z

NVD

Status : Analyzed

Published: 2026-04-01T17:28:41.280

Modified: 2026-04-07T19:08:26.790

Link: CVE-2026-34604

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-08T19:57:05Z

Weaknesses