pkg:npm/@strapi/core
3 total CVEsHIGH2
✅ Check your installed version
All known vulnerabilities
HIGH8.2CVE-2024-56143Strapi Allows Unauthorized Access to Private Fields via parms.lookup >= 5.0.0, < 5.5.2
HIGH7.5CVE-2025-53092Strapi core vulnerable to sensitive data exposure via CORS misconfiguration from 0, < 5.20.0
—CVE-2025-25298Strapi Password Hashing is Missing Maximum Password Length Validation from 0, < 5.10.3