pkg:npm/@tinacms/cli

All known vulnerabilities

• CRITICAL9.6CVE-2026-28792TinaCMS CLI Dev Server Vulnerable to Cross-Origin File Exfiltration via CORS Misconfiguration + Path Traversal in TinaCMS
  from 0, < 2.1.8
• HIGH8.6CVE-2023-25164Sensitive Information leak via Script File in TinaCMS
  >= 1.0.0, < 1.0.9
• HIGH8.4CVE-2026-28793TinaCMS Vulnerable to Path Traversal Leading to Arbitrary File Read, Write and Delete
  from 0, < 2.1.8
• HIGH7.5CVE-2024-45391Tina search token leak via lock file in TinaCMS
  from 0, < 1.6.2
• MEDIUM6.2CVE-2026-29066TinaCMS CLI has Arbitrary File Read via Disabled Vite Filesystem Restriction
  from 0, < 2.1.8
• —CVE-2025-68278tinacms is vulnerable to arbitrary code execution
  from 0, < 2.0.4