studiocms

Top products

The 7 most recently published vulnerabilities affecting studiocms.

• CVE-2026-32638StudioCMS REST getUsers Exposes Owner Account Records to Admin Tokens2.7Mar 18, 2026
• CVE-2026-32104StudioCMS: IDOR in User Notification Preferences Allows Any Authenticated User to Modify Any User's Settings5.4Mar 11, 2026
• CVE-2026-32106StudioCMS: REST API Missing Rank Check Allows Admin to Create Peer Admin Accounts4.7Mar 11, 2026
• CVE-2026-32103StudioCMS: IDOR — Admin-to-Owner Account Takeover via Password Reset Link Generation6.8Mar 11, 2026
• CVE-2026-32101StudioCMS S3 Storage Manager Authorization Bypass via Missing `await` on Async Auth Check7.6Mar 11, 2026
• CVE-2026-30945StudioCMS: IDOR — Arbitrary API Token Revocation Leading to Denial of Service7.1Mar 10, 2026
• CVE-2026-30944StudioCMS Affected by Privilege Escalation via Insecure API Token Generation8.8Mar 10, 2026