Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cms Tag: cwe-943 Clear
ID Title
CVE-2026-27886 Path Traversal in @strapi/strapi (CVE-2026-27886)
path traversal in @strapi/strapi (CVE-2026-27886). Confidential information can be exposed externally. Exploitable via `POST /admin/reset-password`. Mitigation: upgrade to `5.37.0` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →