CVE-2026-42051

Published May 9th, 2026

View on NVD ↗

CVSS v3

4.3

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

Kirby is an open-source content management system. Prior to versions 4.9.0 and 5.4.0, the system API endpoint leaks license data and installed version to authenticated users. This issue has been patched in versions 4.9.0 and 5.4.0.

getkirby/kirby

Kirby's core application folder

GitHub

1.51K