CVE-2026-29905: Withdrawn Advisory: Kirby CMS has Persistent DoS via Malformed Image Upload
(updated )
Kirby CMS through version 5.1.4 allows an authenticated user with Editor permissions to cause a persistent Denial of Service (DoS) via a malformed image upload.
References
- drive.google.com/file/d/1MwvvSYIwnC8kOIzjycGMQZw4d2K2ef8h/view?usp=sharing
- github.com/Stalin-143/CVE-2026-29905
- github.com/Stalin-143/CVE-2026-29905/security/advisories/GHSA-cw7v-45wm-mcf2
- github.com/advisories/GHSA-cw7v-45wm-mcf2
- github.com/getkirby/kirby/releases/tag/5.2.0-rc.1
- github.com/github/advisory-database/pull/7503
- nvd.nist.gov/vuln/detail/CVE-2026-29905
Code Behaviors & Features
Detect and mitigate CVE-2026-29905 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →