What is CVE-2026-32300?

CVE-2026-32300 is a high-severity vulnerability in Opensource-workshop Connect-cms, classified under Improper Authorization. CVSS score: 8.1/10. Published 2026-03-23.

How severe is CVE-2026-32300?

High severity. CVSS v3 base score is 8.1 out of 10.

Auth bypass in Opensource-workshop Connect-cms

CVE-2026-32300

Connect-CMS is a content management system. In versions on the 1.x series up to and including 1.41.0 and versions on the 2.x series up to and including 2.41.0, an improper authorization issue in the My Page profile update feature may allow…

EPSS: 0.000 (3.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.1 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N.

Affected products

Opensource-workshop Connect-cms — versions < 1.41.1, >= 2.0.0, < 2.41.1

Weakness classification (CWE)

References

https://github.com/opensource-workshop/connect-cms/security/advisories/GHSA-qr6x-wvxr-8hm9 (x_refsource_CONFIRM)
https://github.com/opensource-workshop/connect-cms/commit/7c9951738c62a1d51b91e9956d1eb756c5d52cce (x_refsource_MISC)
https://github.com/opensource-workshop/connect-cms/releases/tag/v1.41.1 (x_refsource_MISC)
https://github.com/opensource-workshop/connect-cms/releases/tag/v2.41.1 (x_refsource_MISC)

Frequently asked questions

What is CVE-2026-32300?: CVE-2026-32300 is a high-severity vulnerability in Opensource-workshop Connect-cms, classified under Improper Authorization. CVSS score: 8.1/10. Published 2026-03-23.
How severe is CVE-2026-32300?: High severity. CVSS v3 base score is 8.1 out of 10.