Known Vulnerabilities for Pivot by Trane
Listed below are 1 of the newest known vulnerabilities associated with "Pivot" by "Trane".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-34604 | Tina is a headless content management system. Prior to version 2.2.2, @tinacms/graphql uses string-based path containment che... | Not Provided | 2026-04-01 | 2026-04-01 |
| CVE-2026-34603 | Tina is a headless content management system. Prior to version 2.2.2, @tinacms/cli recently added lexical path-traversal chec... | Not Provided | 2026-04-01 | 2026-04-01 |
| CVE-2026-25197 | A specific endpoint allows authenticated users to pivot to other user profiles by modifying the id number in the API call. | Not Provided | 2026-04-03 | 2026-04-03 |
| CVE-2023-4212 | A command injection vulnerability exists in Trane XL824, XL850, XL1050, and Pivot thermostats allowing an attacker to exe... | 6.8 - MEDIUM | 2023-08-22 | 2023-11-07 |