CVE-2026-34604: @tinacms/graphql's `FilesystemBridge` Path Validation Can Be Bypassed via Symlinks or Junctions
@tinacms/graphql uses string-based path containment checks in FilesystemBridge:
path.resolve(path.join(baseDir, filepath)).startsWith(resolvedBase + path.sep)
That blocks plain ../ traversal, but path.resolve() is purely lexical: it never consults the filesystem, so it does not follow symlink or junction targets. If a symlink or junction already exists under the allowed content root (here, content/posts/pivot pointing to a directory outside the root), a path like content/posts/pivot/owned.md still passes the check as "inside" the base even though the real filesystem target is outside it.
As a result, FilesystemBridge.get(), put(), delete(), and glob() can operate on files outside the intended root.