VOOZH about

URL: https://intel.aikido.dev/packages/packagist/getkirby/cms

⇱ getkirby/cms - Packagist package | Aikido Intel

Package Health/getkirby/cms

getkirby/cms

The Kirby core

Latest 6.0.0-alpha.2👁 Packagist
Packagist

100%

Total Score

Dependencies
Dependencies
Evaluates the health and security of package dependencies

100

Maturity
Maturity
Indicates package age, release frequency, and adoption metrics

100

Supply Chain
Supply Chain
Evaluates supply chain security practices and risks

100

Are you affected? Scan for Free

Vulnerabilities

TitleVersionsSeverity
CVE-2026-54005
getkirby/cms is vulnerable to Missing Authorization in versions 0.0.0 - 4.9.3 and 5.0.0-alpha.1 - 5.4.3.
0.0.0 - 4.9.35.0.0-alpha.1 - 5.4.3
High
CVE-2026-54004
getkirby/cms is vulnerable to Missing Authorization in versions 0.0.0 - 4.9.3 and 5.0.0-alpha.1 - 5.4.3.
0.0.0 - 4.9.35.0.0-alpha.1 - 5.4.3
Medium
CVE-2026-54003
getkirby/cms is vulnerable to External Initialization of Trusted Variables or Data Stores in versions 0.0.0 - 4.9.3 and 5.0.0-alpha.1 - 5.4.3.
0.0.0 - 4.9.35.0.0-alpha.1 - 5.4.3
Critical
CVE-2026-54002
getkirby/cms is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in versions 0.0.0 - 4.9.3 and 5.0.0-alpha.1 - 5.4.3.
0.0.0 - 4.9.35.0.0-alpha.1 - 5.4.3
High
CVE-2026-50188
getkirby/cms is vulnerable to Improper Neutralization of CRLF Sequences ('CRLF Injection') in versions 0.0.0 - 4.9.3 and 5.0.0-alpha.1 - 5.4.3.
0.0.0 - 4.9.35.0.0-alpha.1 - 5.4.3
Medium

Package versions

Maintainers

👁 Image
Kirby Team

Direct Dependencies

DependencyLast ReleaseScore
filp/whoops
Version 2.18.4
symfony/yaml
Version 7.4.1
composer/semver
Version 3.4.4
phpmailer/phpmailer
Version 7.0.2
claviska/simpleimage
Version 4.4.0

100%

Total Score

Dependencies
Dependencies
Evaluates the health and security of package dependencies

100

Maturity
Maturity
Indicates package age, release frequency, and adoption metrics

100

Supply Chain
Supply Chain
Evaluates supply chain security practices and risks

100

Are you affected? Scan for Free

Weekly Downloads

Info

Last Published
4 months ago
Created
7 years ago

Are You Affected?

Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.

Free. No credit card required.

Subscribe
Stay up to date with all updates
© 2026 Aikido Security BV | BE0792914919
Keizer Karelstraat 15, 9000, Ghent, Belgium
95 Third St, 2nd Fl, San Francisco, CA 94103, US
Unit 6.15 Runway East 18 18 Crucifix Ln, London SE1 3JW UK
Ghent, Belgium | San Francisco, US
👁 SOC 2
SOC 2Compliant
👁 ISO 27001
ISO 27001Compliant