Lucene search
K

CVE-2025-68278

šŸ—“ļøĀ 18 Dec 2025Ā 15:27:21Reported byĀ GitHub_MTypeĀ 
cve
Ā cve
šŸ”—Ā web.nvd.nist.govšŸ“°ļøĀ 1Ā Media mentionsšŸ‘Ā 22Ā Views

Tinacms before 3.1.1 allows code execution via insecure gray-matter; upgrade to 3.1.1, cli 2.0.4, graphql 2.0.3.

Related
Detection
Affected
Refs
Social
ReporterTitlePublishedViews
Family
Circl
CVE-2025-68278
24 Jan 202622:43
–circl
CNNVD
TinaCMS ä»£ē ę³Øå…„ę¼ę“ž
18 Dec 202500:00
–cnnvd
Cvelist
CVE-2025-68278 tinacms vulnerable to arbitrary code execution
18 Dec 202515:27
–cvelist
EUVD
EUVD-2025-204304
18 Dec 202518:45
–euvd
Github Security Blog
tinacms is vulnerable to arbitrary code execution
18 Dec 202518:45
–github
NVD
CVE-2025-68278
18 Dec 202516:15
–nvd
OSV
CVE-2025-68278 tinacms vulnerable to arbitrary code execution
18 Dec 202515:27
–osv
OSV
GHSA-529F-9QWM-9628 tinacms is vulnerable to arbitrary code execution
18 Dec 202518:45
–osv
Positive Technologies
PT-2025-52257
18 Dec 202500:00
–ptsecurity
RedhatCVE
CVE-2025-68278
19 Dec 202516:23
–redhatcve
Rows per page
NVD
Vulners
Node
sswtinacmsRange<3.1.1node.js
OR
sswtinacms/cliRange<2.0.4node.js
OR
sswtinacms/graphqlRange<2.0.3node.js
[
  {
    "vendor": "tinacms",
    "product": "tinacms",
    "versions": [
      {
        "version": "tinacms < 3.1.1",
        "status": "affected"
      },
      {
        "version": "@tinacms/cli < 2.0.4",
        "status": "affected"
      },
      {
        "version": "@tinacms/graphql < 2.0.3",
        "status": "affected"
      }
    ]
  }
]

Data

Build on a solid foundation withĀ Vulners data

WeĀ provide theĀ essential building blocks forĀ cybersecurity solutions withĀ comprehensive, structured, andĀ constantly updated vulnerability andĀ exploits data

Api

Power your application withĀ Vulners API

The Vulners REST API offers reliable, high-performance access toĀ vulnerabilityĀ intelligence, withĀ 99.9%Ā SLAĀ uptime andĀ CDN-backed data delivery forĀ seamlessĀ global access

App

Assess and manage vulnerabilities withĀ VulnersĀ tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 09:58Current
7High risk
Vulners AI Score7
CVSS 3.18.8
CVSS 48.6
EPSS0.00393
SSVC
22