[LOW] Kirby vulnerable to path traversal in the router for PHP's built-in server

PKSA-psph-xw59-snn6 CVE-2025-30207 GHSA-9p3p-w5jf-8xxg

Affected version: >=4.0.0,<4.7.1|>=3.10.0,<3.10.1.2|<3.9.8.3

Reported by:
GitHub

[MEDIUM] Kirby vulnerable to path traversal of collection names during file system lookup

PKSA-2y53-wq8k-h8qy CVE-2025-31493 GHSA-x275-h9j4-7p4h

Affected version: >=4.0.0,<4.7.1|>=3.10.0,<3.10.1.2|<3.9.8.3

Reported by:
GitHub