CVE ID :CVE-2026-42137 Published : May 9, 2026, 4:16 a.m. | 1 hour, 28 minutes ago Description :Kirby is an open-source content management system. Prior to versions 4.9.0 and 5.4.0, `pages.access/list` and `files.access/list` permissions are not consistently checked in the Panel and REST API. This issue has been patched in versions 4.9.0 and 5.4.0. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...