Vulnerability in Getkirby Kirby

CVE-2026-44174

Kirby is an open-source content management system. Prior to 4.9.1 and 5.4.1, Kirby did not validate the model attributes that were used in its collection queries, allowing attackers to include arbitrary model methods in their queries. This…

Affected products

Weakness classification (CWE)

References