Executive Summary

CVE-2026-29905 is a vulnerability in Kirby CMS versions up to 5.1.4 that allows an authenticated user with Editor permissions to cause a persistent Denial of Service (DoS) by uploading a malformed image file.

The issue occurs because Kirby CMS uses PHP's getimagesize() function to process uploaded images but does not properly validate the function's return value. When getimagesize() encounters a malformed image, it returns false instead of an expected array, which leads to a fatal TypeError during thumbnail generation or metadata processing.

This crash persists across page reloads, causing affected pages to return HTTP 500 errors until the problematic file is manually deleted from the filesystem.

The vulnerability is classified under CWE-252 (Unchecked Return Value) and CWE-20 (Improper Input Validation) and has a medium severity rating.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can impact you by allowing an authenticated user with Editor permissions to cause a persistent Denial of Service (DoS) on your Kirby CMS site.

Specifically, uploading a malformed image file can cause the system to crash with a fatal error, resulting in HTTP 500 errors on affected pages.

This DoS condition persists until the malformed file is manually removed, potentially disrupting site availability and user experience.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability can be detected by identifying the presence of malformed image files uploaded by authenticated users with Editor permissions that cause Kirby CMS to return HTTP 500 errors on affected pages.

Specifically, pages that attempt to generate thumbnails or process metadata for these images will crash due to a fatal TypeError triggered by PHP's getimagesize() function returning false.

To detect this on your system, you can look for HTTP 500 errors on pages that display images uploaded by Editors and check the filesystem for recently uploaded image files that might be malformed.

• Check web server logs for repeated HTTP 500 errors related to image processing.
• Identify recently uploaded image files in the Kirby CMS content directories.
• Use PHP or command-line tools to test image validity, for example, running a PHP script that calls getimagesize() on suspect files to see if it returns false.
• Example command to find recently modified image files (Linux): `find /path/to/kirby/content -type f \( -iname '*.jpg' -o -iname '*.png' \) -mtime -7`
• Example PHP snippet to test an image file: `<?php $info = getimagesize('path/to/image.jpg'); var_dump($info); ?>` If it returns false, the image is malformed.

Useful 0 Not Useful 0

Mitigation Strategies

The immediate mitigation step is to upgrade Kirby CMS to version 5.2.0-rc.1 or later, where this vulnerability has been fixed.

Until the upgrade can be applied, you should restrict or monitor uploads by users with Editor permissions to prevent uploading malformed image files.

If the vulnerability has already been exploited, manually identify and delete the malformed image files causing the fatal errors to restore normal operation.

• Upgrade Kirby CMS to version 5.2.0-rc.1 or newer.
• Temporarily restrict image uploads for users with Editor permissions.
• Manually remove any malformed image files causing HTTP 500 errors.
• Implement additional validation on image uploads to ensure files are properly formatted before processing.

Useful 0 Not Useful 0

Compliance Impact

The provided information does not include any details about how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.

Useful 0 Not Useful 0