CVE-2026-54074
HIGH SEVERITYCVSS Score & Metrics
Base Score
7.8 / 10
Vulnerability Description
@tinacms/cli: Remote Code Execution in @tinacms/cli via Forestry migration — unsanitised __TINA_INTERNAL__ marker in user-controlled YAML labels
Vulnerability Details
Published Date
Last Modified
Source
GitHub
Vendor
npm
Product
@tinacms/cli
External References
- https://github.com/tinacms/tinacms/security/advisories/GHSA-4936-9hrh-qqpw
- https://github.com/tinacms/tinacms/pull/7006
- https://github.com/tinacms/tinacms/commit/77665ae73dd4f9563d339535e76fa811a8abdfbb
- https://github.com/tinacms/tinacms/releases/tag/@tinacms/cli@2.4.3
- https://github.com/advisories/GHSA-4936-9hrh-qqpw
Discussion (0)
Add Comment
No comments yet. Be the first!