Auth bypass in Getkirby Kirby

CVE-2026-45334

Kirby is an open-source content management system. In versions prior to 4.9.1 and 5.4.1, the content-locking feature returned lock information without checking the requesting user's access permissions. Kirby's Panel includes a content-lock…

Vulnerability class: Broken Access Control

Affected products

Weakness classification (CWE)

References