Better title to this article would have been “Mastodon vulnerability that allowed* attackers to take over accounts has been fixed.”

Yeah, it’s a very clickbaity headline about an issue that was fixed last week. Basically, admins keep your servers updated.

What about Lemmy , kbin, or beehaw

No idea, but if Lemmy has such a vulnerability, so does Beehaw. It’s just another instance of the same software.