Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.11 views

CVE-2026-41325

Kirby is an open-source content management system. Kirby's user permissions control which user role is allowed to perform specific actions to content models in the CMS. These permissions are defined for each role in the user blueprint site/blueprints/users/.... It is also possible to customize th...

8.8CVSS5.3AI score0.00363EPSS
Exploits0References1
OSV
OSV
added 2026/04/24 8:39 p.m.4 views

GHSA-6GQR-MX34-WH8R Kirby is vulnerable to authorization bypass during page, file and user creation via blueprint injection

TL;DR This vulnerability affects all Kirby sites where users of a particular role have no permission to create pages, files or users pages.create, files.create or users.create permission is disabled. This can be due to configuration in the user blueprints, via options in the model blueprints or v...

7.1CVSS5.7AI score0.00363EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/24 12:38 a.m.4 views

CVE-2026-41325

Kirby is an open-source content management system. Kirby's user permissions control which user role is allowed to perform specific actions to content models in the CMS. These permissions are defined for each role in the user blueprint site/blueprints/users/.... It is also possible to customize th...

7.1CVSS5.6AI score0.00363EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/04/24 12:38 a.m.7 views

EUVD-2026-25371

Kirby is an open-source content management system. Kirby's user permissions control which user role is allowed to perform specific actions to content models in the CMS. These permissions are defined for each role in the user blueprint site/blueprints/users/.... It is also possible to customize th...

7.1CVSS5.6AI score0.00363EPSS
Exploits0References3
Rows per page
Query Builder