CVE-2026-24134

MEDIUM

StudioCMS <0.2.0 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2026-24134. PoCs published by XiaomingX, FilipeGaudard.

AI-analyzed exploit summary This repository contains a functional Python PoC for CVE-2026-24134, a Broken Object Level Authorization (BOLA) vulnerability in StudioCMS. The exploit demonstrates unauthorized access to draft content by leveraging missing server-side authorization checks.

Description

StudioCMS is a server-side-rendered, Astro native, headless content management system. Versions prior to 0.2.0 contain a Broken Object Level Authorization (BOLA) vulnerability in the Content Management feature that allows users with the "Visitor" role to access draft content created by Editor/Admin/Owner users. Version 0.2.0 patches the issue.

Exploits (2)

github WORKING POC 10 stars
by XiaomingX · pythonpoc
https://github.com/XiaomingX/data-cve-poc-py-v1/tree/main/2026/CVE-2026-24134

This repository contains a functional Python PoC for CVE-2026-24134, a Broken Object Level Authorization (BOLA) vulnerability in StudioCMS. The exploit demonstrates unauthorized access to draft content by leveraging missing server-side authorization checks.

Classification
Working Poc 95%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: StudioCMS <= 0.1.1
Auth required
Prerequisites: valid user credentials · target draft content UUID
devstral-2 · analyzed Feb 27, 2026 Full analysis →
nomisec WORKING POC
by FilipeGaudard · poc
https://github.com/FilipeGaudard/CVE-2026-24134-PoC

This repository contains a functional PoC for CVE-2026-24134, a Broken Object Level Authorization (BOLA) vulnerability in StudioCMS. The exploit demonstrates unauthorized access to draft content by exploiting missing server-side authorization checks.

Classification
Working Poc 95%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: StudioCMS <= 0.1.1
Auth required
Prerequisites: Valid user credentials · Known draft content UUID
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Scores

CVSS v3 6.5
EPSS 0.0005
EPSS Percentile 16.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-862 CWE-639
Status published
Products (2)
npm/studiocms 0 - 0.2.0npm
studiocms/studiocms < 0.2.0
Published Jan 28, 2026
Tracked Since Feb 18, 2026