Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-42174 |
|
Vulnerability in getkirby/cms (CVE-2026-42174)
vulnerability in getkirby/cms (CVE-2026-42174). Risk of unauthorized operations or information disclosure. Exploitable via ``user.update``. Mitigation: upgrade to `5.4.0` or later.
|
| CVE-2026-42051 |
|
Vulnerability in getkirby/cms (CVE-2026-42051)
vulnerability in getkirby/cms (CVE-2026-42051). Risk of unauthorized operations or information disclosure. Exploitable via ``access.system``. Mitigation: upgrade to `5.4.0` or later.
|
| CVE-2026-42069 |
|
Vulnerability in getkirby/cms (CVE-2026-42069)
vulnerability in getkirby/cms (CVE-2026-42069). Confidential information can be exposed externally. Exploitable via ``options``. Mitigation: upgrade to `5.4.0` or later.
|
| CVE-2026-42137 |
|
Vulnerability in getkirby (CVE-2026-42137)
vulnerability in getkirby (CVE-2026-42137). Confidential information can be exposed externally.
|
| CVE-2018-14519 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2018-14519)
vulnerability in csrf (CVE-2018-14519). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16807 |
|
Cross-Site Scripting (XSS) in getkirby (CVE-2017-16807)
cross-site scripting in getkirby (CVE-2017-16807). Risk of unauthorized operations or information disclosure.
|