Remote Code Execution Vulnerability in Kirby CMS by GetKirby
CVE-2026-54003
9.1CRITICAL
What is CVE-2026-54003?
Kirby, an open-source content management system, is vulnerable to remote code execution when no user accounts are configured on publicly accessible servers with misconfigured reverse proxies. Attackers can exploit this flaw by improperly sending headers such as Forwarded, X-Client-IP, or X-Real-IP, enabling them to install the Panel and create the first admin user. This vulnerability has been addressed in Kirby CMS versions 4.9.4 and 5.4.4.
Affected Version(s)
kirby < 4.9.4 < 4.9.4
kirby >= 5.0.0, < 5.4.4 < 5.0.0, 5.4.4
