Path Traversal in Getkirby Kirby
CVE-2026-44177
Kirby is an open-source content management system. In versions 5.3.0 and above but prior to 5.4.1, Kirby did not correctly validate the provided user ID, resulting in a path traversal vulnerability. Version 5.3.0 introduced a performance i…
Vulnerability class: Path Traversal (Directory Traversal)
Affected products
- Getkirby Kirby — versions >= 5.3.0, < 5.4.1
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)
- security-advisories@github.com (x_refsource_MISC)