WordPress 3.0.3 is now available as an update to all users. It’s a security update, and users are recommended to go update their WordPress sites right away. Like, now.
Really, go do it right now.
The post on the WordPress news blog explains the update better than I could (bold is theirs):
This release fixes issues in the remote publishing interface, which under certain circumstances allowed Author- and Contributor-level users to improperly edit, publish, or delete posts.
These issues only affect sites that have remote publishing enabled.
This update comes just one week after security release 3.0.2.
WordPress 3.1 has been updated with these security fixes, so if you are beta testing WordPress 3.1 there’s no reason to stop. Just update to the nightly and you should be good to go.