What is GHSA-pvj2-mj22-xxmq?

GHSA-pvj2-mj22-xxmq is a security advisory published by GitHub Security Advisories with High severity. Typemill before 2.24.0 contains a path traversal vulnerability that allows authenticated...

Which CVE IDs does GHSA-pvj2-mj22-xxmq cover?

GHSA-pvj2-mj22-xxmq covers the following CVE IDs: CVE-2026-49133. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-pvj2-mj22-xxmq?

GHSA-pvj2-mj22-xxmq has a CVSS v3 base score of 6.5, published by GitHub Security Advisories.

GHSA-pvj2-mj22-xxmqHighCVSS 6.5

Typemill before 2.24.0 contains a path traversal vulnerability that allows authenticated...

Vendor

GitHub Security Advisories

Published

June 17, 2026

Last Modified

June 17, 2026

🔗 CVE IDs covered (1)

CVE-2026-49133 →

📋 Description

Typemill before 2.24.0 contains a path traversal vulnerability that allows authenticated attackers with Author-level privileges to read arbitrary files outside the content directory by supplying traversal sequences in the path query parameter passed to Storage::getFile() with an empty folder argument. Attackers can bypass traversal-prevention controls in Storage::getFolderPath() to access sensitive files.

🔗 References (5)

https://nvd.nist.gov/vuln/detail/CVE-2026-49133
https://github.com/typemill/typemill/commit/bfbb27001acd5c56ad62166dbefe6a59798cf1c0
https://github.com/typemill/typemill/releases/tag/v2.24.2
https://www.vulncheck.com/advisories/typemill-path-traversal-via-controllerapiimage-getpagemedia
https://github.com/advisories/GHSA-pvj2-mj22-xxmq