npm package
@strapi/plugin-content-type-builder
pkg:npm/%40strapi/plugin-content-type-builder
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-22599 | Hig | 7.2 | >= 4.0.0, < 4.26.1 | 4.26.1 | May 14, 2026 | Strapi is an open source headless content management system. In versions on the 4.x branch prior to 4.26.1 and on the 5.x branch prior to 5.33.2, a database-query injection vulnerability existed in the Strapi Content-Type Builder write API. An authenticated administrator could in |
- affected >= 4.0.0, < 4.26.1fixed 4.26.1
Strapi is an open source headless content management system. In versions on the 4.x branch prior to 4.26.1 and on the 5.x branch prior to 5.33.2, a database-query injection vulnerability existed in the Strapi Content-Type Builder write API. An authenticated administrator could in