CVE-2026-30944HIGH 8.8EPSS p42.3%

CVE-2026-30944CVE-2026-30944

Description

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.0, the /studiocms_api/dashboard/api-tokens endpoint allows any authenticated user (at least Editor) to generate API tokens for any other user, including owner and admin accounts. The endpoint fails to validate whether the requesting user is authorized to create tokens on behalf of the target user ID, resulting in a full privilege escalation. This vulnerability is fixed in 0.4.0.

Scoring

CVSS 3.18.8 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS0.56% probability of exploitation · percentile 42.3% · 2026-06-21T12:00:28Z
Published2026-03-10
Last modified2026-03-17

Underlying weaknesses· 2

CWE-639CWE-863

References

  1. https://github.com/withstudiocms/studiocms/commit/f4a209fc090c90195e2419fff47b48a46eab7441
  2. https://github.com/withstudiocms/studiocms/releases/tag/studiocms@0.4.0
  3. https://github.com/withstudiocms/studiocms/security/advisories/GHSA-667w-mmh7-mrr4

2

TypeTargetConfidenceTier
WeaknessAuthorization Bypass Through User-Controlled Keycwe-6390%live
WeaknessIncorrect Authorizationcwe-8630%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-32267
CVE
CVE-2026-3432
CVE
CVE-2026-46407
CVE
CVE-2025-70983
CVE
CVE-2026-29204
CVE
CVE-2025-54378
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.