A vulnerability described as problematic has been identified in getkirby Kirby up to 4.9.0/5.4.0. Affected is an unknown function of the component Path Resolver. Such manipulation leads to improper authorization.

This vulnerability is traded as CVE-2026-44176. The attack may be launched remotely. There is no exploit available.