CVE-2026-29905

MEDIUM

Kirby CMS < 5.1.4 - Authenticated Denial of Service via Malformed Image Upload


Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-29905. PoCs published by Stalin-143.

AI-analyzed exploit summary: This repository contains detailed technical writeups for multiple CVEs, including CVE-2026-29905, which describes a persistent DoS vulnerability in Kirby CMS due to unchecked return values from `getimagesize()`. The writeup includes root cause analysis, affected versions, and references to patches.

Description

Kirby CMS through 5.1.4 allows an authenticated user with 'Editor' permissions to cause a persistent Denial of Service (DoS) via a malformed image upload. The application fails to validate the return value of PHP's getimagesize(), which returns false for a file it cannot parse. When Kirby later processes the stored file for metadata or thumbnail generation, that false value is passed into code that expects a valid image-info array, triggering a fatal TypeError. Because the malformed file remains in storage, the failure recurs on every request that touches it, which is what makes the DoS persistent rather than a one-off failed request.
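The following is an added illustration, not Kirby's own code and not the PoC from the writeup linked below: a minimal, hypothetical thumbnail routine that shows how an unchecked getimagesize() result becomes a fatal TypeError, beside the check that turns it into a recoverable rejection of one upload. The file name, the scale() helper and the exception type are assumptions for the example; the sample "image" is constructed inline.

```php
<?php
// Added example (not Kirby's code). Shows the CWE-252 pattern behind
// CVE-2026-29905: getimagesize() returns false for a malformed file, and
// passing that false into typed code throws TypeError, which is fatal
// if nothing catches it.
declare(strict_types=1);

// Constructed sample upload: a .png name over non-image bytes.
$path = sys_get_temp_dir() . '/upload-' . bin2hex(random_bytes(4)) . '.png';
file_put_contents($path, "not really a PNG\n");

// Hypothetical resize helper with typed parameters, standing in for any
// downstream code that assumes a valid [width, height, ...] array.
function scale(array $info, int $maxWidth): array
{
    [$width, $height] = $info;
    if ($width <= $maxWidth) {
        return ['width' => $width, 'height' => $height];
    }
    return ['width' => $maxWidth, 'height' => (int) round($height * $maxWidth / $width)];
}

// Vulnerable pattern: the return value is never checked. For a file that
// getimagesize() cannot parse, $info is false, and scale() throws
// TypeError ("must be of type array, bool given") on every call.
function dimensionsUnchecked(string $file): array
{
    $info = getimagesize($file);
    return scale($info, 300);
}

// Hardened pattern: reject the file with an ordinary exception. The request
// that uploaded it fails; later requests never reach typed code with false.
function dimensionsChecked(string $file): array
{
    $info = @getimagesize($file);
    if ($info === false || $info[0] <= 0 || $info[1] <= 0) {
        throw new InvalidArgumentException('Not a valid image: ' . basename($file));
    }
    return scale($info, 300);
}

try {
    var_dump(dimensionsUnchecked($path));
} catch (TypeError $e) {
    echo 'unchecked: ', $e->getMessage(), PHP_EOL;
}

try {
    var_dump(dimensionsChecked($path));
} catch (InvalidArgumentException $e) {
    echo 'checked: ', $e->getMessage(), PHP_EOL;
}

unlink($path);
```

The practical check after patching: the fix stops new crashes, but a malformed file that an Editor already uploaded is still in the content directory. Run the hardened check (or an equivalent getimagesize() sweep) over existing uploads and remove anything it rejects, otherwise whatever still reads that file will keep failing.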

Exploits (1)

nomisec WRITEUP
by Stalin-143 · poc
https://github.com/Stalin-143/CVE

Classification: Writeup (100%)
Attack Type: DoS
Complexity: Moderate
Reliability: Reliable
Target: Kirby CMS ≤ 5.1.4
Auth required: yes
Prerequisites: Editor permissions in Kirby CMS · Ability to upload malformed image files
devstral-2 · analyzed May 02, 2026

Scores

CVSS v3 6.5
EPSS 0.0002
EPSS Percentile 4.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-20 CWE-252
Status published
Products (2)
getkirby/cms 0 - 5.2.0-rc.1 (Packagist)
getkirby/kirby < 5.1.4
Published Mar 26, 2026
Tracked Since Mar 26, 2026