Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-1zg8-cndr-73hk
Vulnerability ID VCID-1zg8-cndr-73hk
Aliases CVE-2025-31493
GHSA-x275-h9j4-7p4h
Summary Kirby vulnerable to path traversal of collection names during file system lookup The missing path traversal check allowed attackers to navigate and access all files on the server that were accessible to the PHP process, including files outside of the collections root or even outside of the Kirby installation. PHP code within such files was executed. Such attacks first require an attack vector in the site code that is caused by dynamic collection names, such as `collection('tags-' . get('tags'))`. It generally also requires knowledge of the site structure and the server's file system by the attacker, although it can be possible to find vulnerable setups through automated methods such as fuzzing. In a vulnerable setup, this could cause damage to the confidentiality and integrity of the server, for example: - it could allow the attacker to build a map of the server's file system for subsequent attacks, - it could allow access to configuration files that may contain sensitive information like security tokens or - it could cause the unintended execution of PHP scripts.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (4)
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-23 Relative Path Traversal
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
epss 0.00771 https://api.first.org/data/v1/epss?cve=CVE-2025-31493
epss 0.00771 https://api.first.org/data/v1/epss?cve=CVE-2025-31493
cvssv4 6.3 https://github.com/getkirby/kirby
generic_textual MODERATE https://github.com/getkirby/kirby
cvssv4 6.3 https://github.com/getkirby/kirby/commit/95a51480a426a8ed0df799cc017403be9b987ced
generic_textual MODERATE https://github.com/getkirby/kirby/commit/95a51480a426a8ed0df799cc017403be9b987ced
cvssv4 6.3 https://github.com/getkirby/kirby/releases/tag/3.10.1.2
generic_textual MODERATE https://github.com/getkirby/kirby/releases/tag/3.10.1.2
ssvc Track https://github.com/getkirby/kirby/releases/tag/3.10.1.2
cvssv4 6.3 https://github.com/getkirby/kirby/releases/tag/3.9.8.3
generic_textual MODERATE https://github.com/getkirby/kirby/releases/tag/3.9.8.3
ssvc Track https://github.com/getkirby/kirby/releases/tag/3.9.8.3
cvssv4 6.3 https://github.com/getkirby/kirby/releases/tag/4.7.1
generic_textual MODERATE https://github.com/getkirby/kirby/releases/tag/4.7.1
ssvc Track https://github.com/getkirby/kirby/releases/tag/4.7.1
cvssv4 6.3 https://github.com/getkirby/kirby/security/advisories/GHSA-x275-h9j4-7p4h
generic_textual MODERATE https://github.com/getkirby/kirby/security/advisories/GHSA-x275-h9j4-7p4h
ssvc Track https://github.com/getkirby/kirby/security/advisories/GHSA-x275-h9j4-7p4h
cvssv4 6.3 https://nvd.nist.gov/vuln/detail/CVE-2025-31493
generic_textual MODERATE https://nvd.nist.gov/vuln/detail/CVE-2025-31493
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2025-31493
https://github.com/getkirby/kirby
https://github.com/getkirby/kirby/commit/95a51480a426a8ed0df799cc017403be9b987ced
https://github.com/getkirby/kirby/releases/tag/3.10.1.2
https://github.com/getkirby/kirby/releases/tag/3.9.8.3
https://github.com/getkirby/kirby/releases/tag/4.7.1
CVE-2025-31493 https://nvd.nist.gov/vuln/detail/CVE-2025-31493
GHSA-x275-h9j4-7p4h https://github.com/advisories/GHSA-x275-h9j4-7p4h
GHSA-x275-h9j4-7p4h https://github.com/getkirby/kirby/security/advisories/GHSA-x275-h9j4-7p4h
No exploits are available.
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N Found at https://github.com/getkirby/kirby
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N Found at https://github.com/getkirby/kirby/commit/95a51480a426a8ed0df799cc017403be9b987ced
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N Found at https://github.com/getkirby/kirby/releases/tag/3.10.1.2
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-13T19:08:28Z/ Found at https://github.com/getkirby/kirby/releases/tag/3.10.1.2
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N Found at https://github.com/getkirby/kirby/releases/tag/3.9.8.3
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-13T19:08:28Z/ Found at https://github.com/getkirby/kirby/releases/tag/3.9.8.3
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N Found at https://github.com/getkirby/kirby/releases/tag/4.7.1
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-13T19:08:28Z/ Found at https://github.com/getkirby/kirby/releases/tag/4.7.1
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N Found at https://github.com/getkirby/kirby/security/advisories/GHSA-x275-h9j4-7p4h
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-13T19:08:28Z/ Found at https://github.com/getkirby/kirby/security/advisories/GHSA-x275-h9j4-7p4h
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N Found at https://nvd.nist.gov/vuln/detail/CVE-2025-31493
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.73943
EPSS Score 0.00771
Published At June 5, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-04T16:23:59.720438+00:00 GitLab Importer Import https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/getkirby/cms/CVE-2025-31493.yml 38.6.0