Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

withstudiocms — Vulnerabilities & Security Advisories 7

Browse all 7 CVE security advisories affecting withstudiocms. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by withstudiocms:studiocms
CVE IDTitleCVSSSeverityPublished
CVE-2026-32638 StudioCMS REST getUsers Exposes Owner Account Records to Admin Tokens — studiocmsCWE-639 2.7 Low2026-03-18
CVE-2026-32104 StudioCMS: IDOR in User Notification Preferences Allows Any Authenticated User to Modify Any User's Settings — studiocmsCWE-639 5.4 Medium2026-03-11
CVE-2026-32106 StudioCMS: REST API Missing Rank Check Allows Admin to Create Peer Admin Accounts — studiocmsCWE-269 4.7 Medium2026-03-11
CVE-2026-32103 StudioCMS: IDOR — Admin-to-Owner Account Takeover via Password Reset Link Generation — studiocmsCWE-639 6.8 Medium2026-03-11
CVE-2026-30945 StudioCMS: IDOR — Arbitrary API Token Revocation Leading to Denial of Service — studiocmsCWE-639 7.1 High2026-03-10
CVE-2026-30944 StudioCMS Affected by Privilege Escalation via Insecure API Token Generation — studiocmsCWE-639 8.8 High2026-03-10
CVE-2026-24134 StudioCMS has an Authorization Bypass Through User-Controlled Key — studiocmsCWE-639 6.5 Medium2026-01-27

This page lists every published CVE security advisory associated with withstudiocms. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.