CVE security advisories and vulnerability history for strapi by strapi.
39
Total CVEs
Published
0
In CISA KEV
Exploited in the wild
15
Public exploits
With known exploit
6.9
Avg CVSS
2019–2026
Last updated
Overview
strapi has 39 published CVE records since 2019, of which 0 are in CISA's Known Exploited Vulnerabilities catalog and 15 have a known public exploit. The average CVSS base score across scored CVEs is 6.9.
This page aggregates every publicly disclosed vulnerability (CVE) affecting strapi, with a severity breakdown, the affected and patched versions, the most common weakness types, and the full CVE list.
Severity and exploitation
How the CVSS severity of strapi's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.
Critical4
High8
Medium11
Low2
14 additional CVEs have no CVSS severity score.
In CISA’s Known Exploited Vulnerabilities catalog
0
None of strapi's CVEs are currently listed in CISA's KEV catalog.
Public exploits
15
15 of strapi's CVEs have a known public exploit available.
Affected versions and CVEs
Browse every strapi version named in a CVE, then pick one to see only the CVEs that affect it.
strapi strapi has 39 published CVE records since 2019.
How many strapi strapi CVEs are in CISA KEV?
None of strapi strapi's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.
Are there public exploits for strapi strapi vulnerabilities?
Yes — 15 of strapi strapi's CVEs have a known public exploit.
Which versions of strapi strapi are affected?
483 distinct strapi strapi versions are named across its CVEs. Use the version filter above to see the CVEs affecting a specific version.
What are the most common weakness types in strapi strapi CVEs?
strapi strapi's CVEs most often map to these CWE weakness types: CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor), CWE-918 (Server-Side Request Forgery (SSRF)), CWE-613 (Insufficient Session Expiration), CWE-639 (Authorization Bypass Through User-Controlled Key).
How many critical strapi strapi vulnerabilities are there?
strapi strapi has 4 critical and 8 high-severity CVEs.
What is the average severity of strapi strapi CVEs?
The average CVSS base score across strapi strapi's scored CVEs is 6.9.
