CVE-2026-30944 | withstudiocms up to 0.3.x Endpoint api-tokens authorization (GHSA-667w-mmh7-mrr4)

A vulnerability marked as critical has been reported in withstudiocms studiocms up to 0.3.x. This issue affects some unknown processing of the file /studiocms_api/dashboard/api-tokens of the component Endpoint. The manipulation leads to authorization bypass.

This vulnerability is listed as CVE-2026-30944. The attack may be initiated remotely. There is no available exploit.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More