@tinacms/graphql

5 known vulnerabilities · 0 critical · 3 high

@tinacms/graphql has a Path Traversal issue

Published Mar 12, 2026

tinacms is vulnerable to arbitrary code execution

Published Dec 18, 2025

Risk: 35.52/100

@tinacms/graphql's `FilesystemBridge` Path Validation Can Be Bypassed via Symlinks or Junctions

Published Apr 1, 2026

Risk: 40.54/100

@tinacms/graphql has Path Traversal that leads to overwrite of arbitrary files

Published Mar 30, 2026

Risk: 35.52/100

@tinacms/graphql's Media Endpoints Can Escape the Media Root via Symlinks or Junctions

Published Apr 1, 2026

Check your entire dependency tree at onceRun dependency scan →