Signal
StudioCMS REST getUsers Exposes Owner Account Records to Admin Tokens
FastMCP OAuth Proxy token reuse across MCP servers Severity: high Identifiers: [{"cve_id": "CVE-2025-69196"}, {"identifiers": [{"value": "GHSA-5h2m-4q8j-pqpj", "type": "GHSA"}, {"value": "CVE-2025-69196", "type": "CVE"}]}].
github
studiocms_rest
Evidence locked
Today's free sample is only available for the edition's flagship signal.
Evidence preview
- StudioCMS REST getUsers Exposes Owner Account Records to Admin Tokensgithub_advisories
- FastMCP OAuth Proxy token reuse across MCP serversgithub_advisories