
Tinacms CVE-2025-68278

HIGH
Code Injection (CWE-94)
2025-12-18 security-advisories@github.com
7.3
CVSS 4.0 · GitHub Advisory

Severity by source

GitHub Advisory PRIMARY
7.3 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from GitHub Advisory · only source for this CVE.

CVSS Vector (GitHub Advisory)

  • Attack Vector: Network (AV:N)
  • Attack Complexity: Low (AC:L)
  • Privileges Required: Low (PR:L)
  • User Interaction: Passive (UI:P)
  • Scope: Not defined (X)

Lifecycle Timeline (4 events)

  • Analysis Generated: Apr 10, 2026 - 17:37 (vuln.today)
  • Patch released: Apr 10, 2026 - 17:37 (nvd); patch available
  • PoC Detected: Apr 10, 2026 - 17:34 (vuln.today); public exploit code
  • CVE Published: Dec 18, 2025 - 16:15 (nvd); HIGH 7.3

Blast Radius

Ecosystem impact (transitive dependency graph; vuln.today resolves to a 4-path depth):
  • 6 npm packages depend on @tinacms/graphql (3 direct, 3 indirect)
  • 3 npm packages depend on tinacms (3 direct, 0 indirect)

Ecosystem-wide dependent count for version 2.0.3 and other introduced versions.

Description (GitHub Advisory)

Tina is a headless content management system. In tinacms prior to version 3.1.1, tinacms uses the gray-matter package in an insecure way allowing attackers that can control the content of the processed markdown files, e.g., blog posts, to execute arbitrary code. tinacms version 3.1.1, @tinacms/cli version 2.0.4, and @tinacms/graphql version 2.0.3 contain a fix for the issue.

Analysis (AI)

Remote code execution in TinaCMS affects versions prior to 3.1.1, @tinacms/cli before 2.0.4, and @tinacms/graphql before 2.0.3. Authenticated attackers who control the content of processed markdown files can execute arbitrary code through the insecure use of the gray-matter package. The vulnerability requires low-privilege authentication (PR:L) and passive user interaction (UI:P), and yields full compromise of confidentiality, integrity, and availability in the vulnerable context. Publicly available exploit code exists, which significantly raises the risk for unpatched installations that manage user-contributed markdown content.

Technical Context (AI)

The CWE-94 code injection stems from unsafe gray-matter frontmatter parsing in the markdown processing pipeline. The library deserializes YAML from attacker-controlled markdown headers without input sanitization, enabling constructor injection or prototype pollution that leads to arbitrary Node.js code execution during content ingestion.

Remediation (AI)

Vendor-released patches: upgrade TinaCMS to version 3.1.1 or later, @tinacms/cli to version 2.0.4 or later, and @tinacms/graphql to version 2.0.3 or later. All three packages must be updated together to eliminate exposure. Organizations that cannot patch immediately should restrict markdown content editing permissions to fully trusted administrators and enforce strict content review workflows. Where custom frontmatter parsing exists, validate frontmatter fields before they reach the parser. Consult GitHub Security Advisory GHSA-529f-9qwm-9628 (https://github.com/tinacms/tinacms/security/advisories/GHSA-529f-9qwm-9628) for complete vendor guidance and technical details on the gray-matter exploitation mechanism. Verify that remediation commit fa7c27abef968e3f3a3e7d564f282bc566087569 is included in the deployed versions.
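As an added example (not code from the advisory or the TinaCMS project), the following Node.js script checks a package-lock.json for copies of the three packages that sit below the fixed versions named above, including transitive copies nested under other packages. It assumes the lockfileVersion 2/3 layout, and the embedded lockfile is a constructed sample.

```javascript
// Added example (not code from the advisory or the TinaCMS project): flag TinaCMS
// packages in a package-lock.json that sit below the fixed versions in this advisory.
const FIXED_VERSIONS = {
  'tinacms': '3.1.1',          // fixed versions as stated in the advisory text
  '@tinacms/cli': '2.0.4',
  '@tinacms/graphql': '2.0.3',
};
// Numeric compare of plain x.y.z versions: -1, 0 or 1 (no prerelease handling).
function compareVersions(a, b) {
  const pa = a.split('.').map(Number), pb = b.split('.').map(Number);
  for (let i = 0; i < 3; i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return d < 0 ? -1 : 1;
  }
  return 0;
}

// "node_modules/some-plugin/node_modules/@tinacms/graphql" -> "@tinacms/graphql"
function packageNameFromPath(lockPath) {
  const idx = lockPath.lastIndexOf('node_modules/');
  return idx === -1 ? lockPath : lockPath.slice(idx + 'node_modules/'.length);
}

// Assumes the lockfileVersion 2/3 layout: "packages" keyed by "node_modules/<name>",
// with transitive copies under longer paths. Returns {path, name, version, fixed}.
function findVulnerable(lock) {
  const hits = [];
  for (const [lockPath, entry] of Object.entries(lock.packages || {})) {
    if (lockPath === '') continue; // root project entry, not a dependency
    const name = packageNameFromPath(lockPath), fixed = FIXED_VERSIONS[name];
    if (fixed && entry.version && compareVersions(entry.version, fixed) < 0) {
      hits.push({ path: lockPath, name, version: entry.version, fixed });
    }
  }
  return hits;
}
// Constructed sample lockfile: vulnerable direct tinacms, patched cli, and a
// vulnerable @tinacms/graphql pulled in transitively by another package.
const SAMPLE_LOCK = {
  packages: {
    '': { name: 'my-site', version: '1.0.0' },
    'node_modules/tinacms': { version: '3.1.0' },
    'node_modules/@tinacms/cli': { version: '2.0.4' },
    'node_modules/some-plugin/node_modules/@tinacms/graphql': { version: '2.0.2' },
  },
};
for (const h of findVulnerable(SAMPLE_LOCK)) {
  console.log(`${h.path}: ${h.name}@${h.version} is below fixed version ${h.fixed}`);
}
```

To scan a real project, replace SAMPLE_LOCK with the parsed contents of its package-lock.json; an empty result means every copy of the three packages is at or above the fixed version.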


CVE-2025-68278 vulnerability details – vuln.today
