CVE-2026-28793 | tinacms up to 2.1.7 Endpoint path traversal (GHSA-2f24-mg4x-534q)

Inserito da Angelo Barbosa | Mar 12, 2026 | CVE

A vulnerability marked as critical has been reported in tinacms up to 2.1.7. Affected by this issue is some unknown functionality of the component Endpoint. This manipulation causes path traversal.

This vulnerability is registered as CVE-2026-28793. The attack needs to be launched locally. No exploit is available.

It is suggested to upgrade the affected component.

CVE-2026-28793 | tinacms up to 2.1.7 Endpoint path traversal (GHSA-2f24-mg4x-534q)

Post correlati

CVE-2023-49804 | louislam uptime-kuma up to 1.23.8 Password Change session fixiation (GHSA-88j4-pcx8-q4q3)

CVE-2023-50263 | Nautobot up to 1.6.6/2.0.5 /files/get/ name information disclosure (GHSA-75mc-3pjc-727q)

CVE-2025-45986 | Blink BL-X26_DA3 bs_SetMacBlack mac command injection

CVE-2025-10494 | Motors Plugin up to 1.4.89 on WordPress denial of service