Package impact
npm / @strapi/admin
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-22706 | medium | 6.5 | 6.5 | 20d ago | Strapi: Password Reset Does Not Revoke Existing Refresh Sessions | |||
| CVE-2024-52588 | unknown | — | — | 1y ago | Strapi allows Server-Side Request Forgery in Webhook function | |||
| CVE-2023-38507 | unknown | — | — | 3y ago | Strapi Improper Rate Limiting vulnerability | |||
| CVE-2023-36472 | unknown | — | — | 3y ago | Strapi may leak sensitive user information, user reset password, tokens via content-manager views |