CVE-2026-28791 | tinacms up to 2.1.6 media.ts join path traversal (GHSA-5hxf-c7j4-279c)

Inserito da Angelo Barbosa | Mar 12, 2026 | CVE

A vulnerability identified as critical has been detected in tinacms up to 2.1.6. Affected is the function join of the file media.ts. The manipulation leads to path traversal.

This vulnerability is listed as CVE-2026-28791. The attack may be initiated remotely. There is no available exploit.

You should upgrade the affected component.

CVE-2026-28791 | tinacms up to 2.1.6 media.ts join path traversal (GHSA-5hxf-c7j4-279c)

Post correlati

CVE-2024-9091 | code-projects Student Record System 1.0 /index.php regno sql injection

CVE-2024-41600 | Lin-CMS Springboot up to 0.2.1 UserController.java login information disclosure

CVE-2024-22920 | SWFTools 0.9.2 compile.c bufferWriteData use after free

CVE-2023-45484 | Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn fromSetWifiGuestBasic shareSpeed stack-based overflow