Path Traversal in Getkirby Kirby

CVE-2026-44177

Kirby is an open-source content management system. In versions 5.3.0 and above but prior to 5.4.1, Kirby did not correctly validate the provided user ID, resulting in a path traversal vulnerability. Version 5.3.0 introduced a performance i…

Vulnerability class: Path Traversal (Directory Traversal)

Affected products

Weakness classification (CWE)

References