Lucene search
K

91 matches found

Vulnrichment
Vulnrichment
added 2026/03/11 8:9 p.m.0 views

CVE-2026-32104 StudioCMS: IDOR in User Notification Preferences Allows Any Authenticated User to Modify Any User's Settings

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.3, the updateUserNotifications endpoint accepts a user ID from the request payload and uses it to update that user's notification preferences. It checks that the caller is logged in but never...

5.4CVSS5.8AI score0.00253EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/11 8:9 p.m.5 views

CVE-2026-32104

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.3, the updateUserNotifications endpoint accepts a user ID from the request payload and uses it to update that user's notification preferences. It checks that the caller is logged in but never...

5.4CVSS5.8AI score0.00253EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/03/11 8:9 p.m.27 views

CVE-2026-32106 StudioCMS: REST API Missing Rank Check Allows Admin to Create Peer Admin Accounts

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.3, the REST API createUser endpoint uses string-based rank checks that only block creating owner accounts, while the Dashboard API uses indexOf-based rank comparison that prevents creating users at...

4.7CVSS0.003EPSS
Exploits1References1
OSV
OSV
added 2026/03/11 8:9 p.m.6 views

CVE-2026-32106 StudioCMS: REST API Missing Rank Check Allows Admin to Create Peer Admin Accounts

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.3, the REST API createUser endpoint uses string-based rank checks that only block creating owner accounts, while the Dashboard API uses indexOf-based rank comparison that prevents creating users at...

4.7CVSS5.8AI score0.003EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/03/11 8:9 p.m.3 views

CVE-2026-32106 StudioCMS: REST API Missing Rank Check Allows Admin to Create Peer Admin Accounts

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.3, the REST API createUser endpoint uses string-based rank checks that only block creating owner accounts, while the Dashboard API uses indexOf-based rank comparison that prevents creating users at...

4.7CVSS5.8AI score0.003EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/11 8:6 p.m.2 views

CVE-2026-32103 StudioCMS: IDOR — Admin-to-Owner Account Takeover via Password Reset Link Generation

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.3, the POST /studiocmsapi/dashboard/create-reset-link endpoint allows any authenticated user with admin privileges to generate a password reset token for any other user, including the owner account...

6.8CVSS5.8AI score0.00344EPSS
Exploits1References1
CVE
CVE
added 2026/03/11 8:6 p.m.15 views

CVE-2026-32103

Summary: CVE-2026-32103 affects StudioCMS prior to version 0.4.3. The vulnerability resides in the POST /studiocms_api/dashboard/create-reset-link endpoint, where an authenticated admin can generate a password reset token for any user (including the owner) without validating that the target userI...

7.2CVSS5.8AI score0.00344EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/03/11 8:3 p.m.29 views

CVE-2026-32101 StudioCMS S3 Storage Manager Authorization Bypass via Missing `await` on Async Auth Check

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.3.1, the S3 storage manager's isAuthorized function is declared async returns Promise but is called without await in both the POST and PUT handlers. Since a Promise object is always truthy in...

7.6CVSS0.00183EPSS
Exploits1References1
OSV
OSV
added 2026/03/11 8:3 p.m.4 views

CVE-2026-32101 StudioCMS S3 Storage Manager Authorization Bypass via Missing `await` on Async Auth Check

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.3.1, the S3 storage manager's isAuthorized function is declared async returns Promise but is called without await in both the POST and PUT handlers. Since a Promise object is always truthy in...

7.6CVSS5.8AI score0.00183EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/03/11 8:3 p.m.1 views

CVE-2026-32101 StudioCMS S3 Storage Manager Authorization Bypass via Missing `await` on Async Auth Check

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.3.1, the S3 storage manager's isAuthorized function is declared async returns Promise but is called without await in both the POST and PUT handlers. Since a Promise object is always truthy in...

7.6CVSS5.8AI score0.00183EPSS
Exploits1References1
CVE
CVE
added 2026/03/11 8:3 p.m.14 views

CVE-2026-32101

CVE-2026-32101 affects StudioCMS S3 Storage Manager prior to version 0.3.1. The isAuthorized() function is async but is called without await in both the POST and PUT handlers, causing the authorization check to always evaluate to bypass due to Promise objects being truthy. As a result, any authen...

7.6CVSS5.8AI score0.00183EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/11 8:3 p.m.4 views

CVE-2026-32101

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.3.1, the S3 storage manager's isAuthorized function is declared async returns Promise but is called without await in both the POST and PUT handlers. Since a Promise object is always truthy in...

7.6CVSS5.8AI score0.00183EPSS
Exploits1References2Affected Software1
Circl
Circl
added 2026/03/11 2:50 p.m.9 views

CVE-2026-32104

creationtimestamp| type| source ---|---|--- 2026-03-11 14:50:34+00:00| published-proof-of-concept| https://github.com/withstudiocms/studiocms/security/advisories/GHSA-9v82-xrm4-mp52...

5.4CVSS5.8AI score0.00253EPSS
Exploits1References1
OSV
OSV
added 2026/03/11 12:16 a.m.2 views

GHSA-8RGJ-VRFR-6HQR StudioCMS: IDOR — Arbitrary API Token Revocation Leading to Denial of Service

Summary The DELETE /studiocmsapi/dashboard/api-tokens endpoint allows any authenticated user with editor privileges or above to revoke API tokens belonging to any other user, including admin and owner accounts. The handler accepts tokenID and userID directly from the request payload without...

7.1CVSS5.9AI score0.00452EPSS
Exploits2References5
EUVD
EUVD
added 2026/03/11 12:16 a.m.5 views

EUVD-2026-10557

StudioCMS: IDOR — Arbitrary API Token Revocation Leading to Denial of Service...

7.1CVSS5.8AI score0.00452EPSS
Exploits2References4
Snyk
Snyk
added 2026/03/11 12:16 a.m.6 views

Authorization Bypass Through User-Controlled Key

Overview studiocms is an A Community-Driven Astro native CMS. Built from the ground up by the Astro community. Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the DELETE /studiocmsapi/dashboard/api-tokens endpoint. An attacker can revoke AP...

7.1CVSS5.9AI score0.00452EPSS
Exploits2References2
vulnersOsv
vulnersOsv
added 2026/03/11 12:16 a.m.6 views

@studiocms/migrator (>=0.2.0 <=0.2.1) potentially affected by CVE-2026-30945 via studiocms (>=0.2.0 <=0.3.0)

studiocms NPM version =0.2.0, =0.2.0, =0.2.1 Source cves: CVE-2026-30945 Source advisory: SNYK:JS-STUDIOCMS-15518585...

7.1CVSS5.8AI score0.00452EPSS
Exploits2
vulnersOsv
vulnersOsv
added 2026/03/11 12:16 a.m.6 views

studiocms (>=0.1.0 <=0.1.0-beta.31) potentially affected by CVE-2026-30945 via @withstudiocms/auth-kit (>=0.1.0-beta.1 <=0.1.0)

@withstudiocms/auth-kit NPM version =0.1.0-beta.1, =0.1.0, =0.1.0-beta.31 Source cves: CVE-2026-30945 Source advisory: SNYK:JS-WITHSTUDIOCMSAUTHKIT-15518584...

7.1CVSS5.8AI score0.00452EPSS
Exploits2
Snyk
Snyk
added 2026/03/11 12:16 a.m.5 views

Authorization Bypass Through User-Controlled Key

Overview @withstudiocms/api-spec is an API Specification for StudioCMS Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the DELETE /studiocmsapi/dashboard/api-tokens endpoint. An attacker can revoke API tokens belonging to other users,...

7.1CVSS5.9AI score0.00452EPSS
Exploits2References2
EUVD
EUVD
added 2026/03/11 12:16 a.m.8 views

EUVD-2026-10558

StudioCMS: IDOR — Arbitrary API Token Revocation Leading to Denial of Service...

7.1CVSS5.8AI score0.00452EPSS
Exploits2References4
Rows per page
Query Builder