diff --git a/programs/squads_multisig_program/src/instructions/spending_limit_use.rs b/programs/squads_multisig_program/src/instructions/spending_limit_use.rs
index 0d929220..5af6089f 100644
--- a/programs/squads_multisig_program/src/instructions/spending_limit_use.rs
+++ b/programs/squads_multisig_program/src/instructions/spending_limit_use.rs
@@ -96,11 +96,17 @@ impl SpendingLimitUse<'_> {
             ..
         } = self;
 
-        // member
+        // member - must be in BOTH the spending limit's member list AND the multisig's member list.
+        // SECURITY FIX: Previously only checked spending_limit.members, allowing removed
+        // multisig members to retain spending limit access.
         require!(
             spending_limit.members.contains(&member.key()),
             MultisigError::Unauthorized
         );
+        require!(
+            multisig.is_member(member.key()).is_some(),
+            MultisigError::NotAMember
+        );
 
         // spending_limit - needs no checking.