Studiocms
This hub aggregates every CVE we track for Studiocms, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
8
CVEs tracked
0
Critical
3
High
0
In CISA KEV
Severity distribution
MEDIUM4HIGH3LOW1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
7
0
0
0
2024-072026-06
Latest CVEs
The 8 most recently published vulnerabilities affecting Studiocms.
- CVE-2026-32638StudioCMS REST getUsers Exposes Owner Account Records to Admin Tokens2.7
- CVE-2026-32104StudioCMS: IDOR in User Notification Preferences Allows Any Authenticated User to Modify Any User's Settings5.4
- CVE-2026-32106StudioCMS: REST API Missing Rank Check Allows Admin to Create Peer Admin Accounts4.7
- CVE-2026-32103StudioCMS: IDOR — Admin-to-Owner Account Takeover via Password Reset Link Generation6.8
- CVE-2026-32101StudioCMS S3 Storage Manager Authorization Bypass via Missing `await` on Async Auth Check7.6
- CVE-2026-30945StudioCMS: IDOR — Arbitrary API Token Revocation Leading to Denial of Service7.1
- CVE-2026-30944StudioCMS Affected by Privilege Escalation via Insecure API Token Generation8.8
- CVE-2026-24134StudioCMS has an Authorization Bypass Through User-Controlled Key6.5
Product normalization is registry-driven with AI assist and human review. How it works