Lucene search
K

3 matches found

vulnersOsv
vulnersOsv
added 2026/03/12 6:44 p.m.7 views

@tinacms/app (>=0.0.0-00aadfd-20260223215804 <=2.3.26), @tinacms/cli (>=0.0.0-00aadfd-20260223215804 <=2.1.7) +7 more potentially affected by CVE-2026-29066 via @tinacms/schema-tools (>=2.0.0 <=2.6.0)

@tinacms/schema-tools NPM version =2.0.0, =0.0.0-00aadfd-20260223215804, =0.0.0-00aadfd-20260223215804, =0.0.0-00aadfd-20260223215804, =0.0.0-00aadfd-20260223215804, =2.0.0, =0.0.0-00aadfd-20260223215804, =0.0.0-00aadfd-20260223215804, =0.0.0-00aadfd-20260223215804, =0.0.0-00aadfd-20260223215804,...

6.2CVSS5.8AI score0.01025EPSS
Exploits1
Snyk
Snyk
added 2026/03/12 6:44 p.m.7 views

Files or Directories Accessible to External Parties

Overview Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties via the dev server configuration when server.fs.strict is set to false. An attacker can access sensitive files on the host system by sending crafted requests to the development server...

6.9CVSS5.8AI score0.01025EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2026/03/12 6:44 p.m.7 views

@tinacms/app (>=0.0.0-00aadfd-20260223215804 <=2.3.26), @tinacms/cli (>=0.0.0-00aadfd-20260223215804 <=2.1.7) +7 more potentially affected by CVE-2026-28792 via @tinacms/schema-tools (>=2.0.0 <=2.6.0)

@tinacms/schema-tools NPM version =2.0.0, =0.0.0-00aadfd-20260223215804, =0.0.0-00aadfd-20260223215804, =0.0.0-00aadfd-20260223215804, =0.0.0-00aadfd-20260223215804, =2.0.0, =0.0.0-00aadfd-20260223215804, =0.0.0-00aadfd-20260223215804, =0.0.0-00aadfd-20260223215804, =0.0.0-00aadfd-20260223215804,...

9.6CVSS5.8AI score0.00535EPSS
Exploits1
Rows per page
Query Builder