NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-42174

Summary	Kirby is an open-source content management system. Prior to versions 4.9.0 and 5.4.0, user avatar creation, replacement and deletion are not gated by user update permissions. This issue has been patched in versions 4.9.0 and 5.4.0.
Publication Date	May 9, 2026, 1:16 p.m.
Registration Date	May 10, 2026, 4:10 a.m.
Last Update	May 9, 2026, 1:16 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/getkirby/kirby/releases/tag/4.9.0	security-advisories@github.com
2	https://github.com/getkirby/kirby/releases/tag/5.4.0	security-advisories@github.com
3	https://github.com/getkirby/kirby/security/advisories/GHSA-39cp-6679-8xv2	security-advisories@github.com

Common Vulnerabilities List