CVE-2026-34604
Symlink Traversal in TinaCMS FilesystemBridge Allows Unauthorized Access
Publication date: 2026-04-01
Last updated on: 2026-04-07
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ssw | tinacms/graphql | to 2.2.1 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
| CWE-59 | The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-34604 is a path traversal vulnerability in the @tinacms/graphql package used by TinaCMS, a headless content management system. The issue arises because the FilesystemBridge component uses string-based path containment checks that block simple directory traversal like "../", but do not properly resolve symbolic links (symlinks) or junction points.
If a symlink or junction exists inside the allowed content root that points outside it, the path validation incorrectly considers the target path as inside the base directory. This allows methods like get(), put(), delete(), and glob() to operate on files outside the intended root directory.
The vulnerability is due to the validation only checking lexical path strings without resolving the actual filesystem targets, enabling unauthorized file read, write, or delete operations outside the configured content root.
This issue has been fixed in version 2.2.2 by replacing string-based checks with realpath-aware checks that resolve canonical filesystem paths before validation.
How can this vulnerability impact me? :
This vulnerability can allow an attacker to read, write, or delete files outside the intended content root directory in TinaCMS when using the vulnerable @tinacms/graphql versions.
Because the path validation does not properly resolve symlinks or junctions, an attacker who can create or exploit existing symlinks inside the content root can bypass directory restrictions.
The impact includes unauthorized access to sensitive files, modification or deletion of important data, and potential disruption of application functionality.
The vulnerability has a high severity score (CVSS 7.1) with high confidentiality and integrity impacts, meaning sensitive data could be exposed or altered.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability arises from improper path validation that fails to resolve symbolic links or junctions, allowing file operations outside the intended directory. Detection involves checking for the presence of symlinks or junctions inside the allowed content root that point outside it.
You can detect potential exploitation or presence of this vulnerability by identifying symlinks or junctions within the content root directory and verifying if they point outside the base directory.
- On Linux/macOS, use the command: find /path/to/content/root -type l -exec ls -l {} \;
- On Windows, use PowerShell to find junctions or symlinks: Get-ChildItem -Path C:\path\to\content\root -Recurse -Attributes ReparsePoint
Additionally, monitoring file operations performed by the @tinacms/graphql package, especially calls to FilesystemBridge methods (get(), put(), delete(), glob()), for paths that resolve outside the base directory can help detect exploitation attempts.
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation is to upgrade the @tinacms/graphql package to version 2.2.2 or later, where this vulnerability has been patched.
The patch replaces the string-based path containment checks with realpath-aware checks that resolve canonical filesystem paths using fs.realpath(), preventing symlink or junction traversal outside the intended directory.
Until the upgrade is applied, you should audit and remove any symlinks or junctions inside the content root that point outside the allowed directory to reduce risk.
Restrict access to TinaCMSβs GraphQL/content operations to trusted users only, as exploitation requires attacker-controlled relative paths.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows unauthorized read, write, and delete operations on files outside the intended content root due to improper path validation that does not resolve symlinks or junctions.
Such unauthorized filesystem access can lead to exposure or modification of sensitive data, potentially violating data protection requirements in standards and regulations like GDPR and HIPAA.
Because the vulnerability compromises confidentiality and integrity of data (as indicated by the high CVSS impact on confidentiality and integrity), affected systems may fail to maintain compliance with these regulations that mandate strict controls on data access and protection.