Strapi Vulnerable to SQL Injection in Content Type Builder
CVE: CVE-2026-22599 CVSS v3.1 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N (9.3 — Critical) Affected Versions: @strapi/content-type-builder <=5.33.1 (v5), @strapi/plugin-content-type-builder <=4.26.0 (v4) How to Patch: Immediately update your Strapi to >=5.33.2 (v5) or >=4.26.1 (v4)