CVE-2026-34604 | Tina CMS up to 2.2.1 path traversal

A vulnerability was found in Tina CMS up to 2.2.1. It has been declared as critical. This issue affects the function FilesystemBridge.get/FilesystemBridge.put/FilesystemBridge.delete/FilesystemBridge.glob. Such manipulation leads to path traversal.

This vulnerability is referenced as CVE-2026-34604. It is possible to launch the attack remotely. No exploit is available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More