HIGH🇬🇧 English

CVE-2026-42069

CVSS 7.1v4.0pub. 2026-05-09upd. 2026-05-18

Kirby is an open-source content management system. Prior to versions 4.9.0 and 5.4.0, read access to site, user and role information is not gated by permissions. This issue has been patched in versions 4.9.0 and 5.4.0.

oryginał EN
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Getkirby Kirby

    APP
    Getkirby
    < 4.9.05.0.0 – 5.4.0 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2026-42137HIGH7.1ten sam produkt

Kirby is an open-source content management system. Prior to versions 4.9.0 and 5.4.0, `pages.access/list` and ...

CVE-2026-41325HIGH7.1ten sam produkt

Kirby is an open-source content management system. Kirby's user permissions control which user role is allowed...

CVE-2026-34587HIGH7.6ten sam produkt

Kirby is an open-source content management system. Prior to versions 4.9.0 and 5.4.0, Kirby's user permissions...

CVE-2024-41964HIGH8.1ten sam produkt

Kirby is a CMS targeting designers and editors. Kirby allows to restrict the permissions of specific user role...

CVE-2024-26483HIGH8.8ten sam produkt

An arbitrary file upload vulnerability in the Profile Image module of Kirby CMS v4.1.0 allows attackers to exe...