CVE-2026-32104 | studiocms up to 0.4.2 updateUserNotifications Endpoint authorization (GHSA-9v82-xrm4-mp52)

A vulnerability identified as problematic has been detected in studiocms up to 0.4.2. This vulnerability affects unknown code of the component updateUserNotifications Endpoint. The manipulation leads to authorization bypass.

This vulnerability is traded as CVE-2026-32104. It is possible to initiate the attack remotely. There is no exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More