@avorati/strapi-plugin-preview (=1.0.1), @catchmexz/fedin-cms (>=5.30.1 <=5.30.2) +8 more potentially affected by CVE-2026-22599 via @strapi/content-type-builder (>=5.0.0-beta.6 <=5.33.1)

@strapi/content-type-builder NPM version =5.0.0-beta.6, =5.30.1, =2.0.2, =5.0.0, =3.0.0-beta.1, =3.0.0-beta.2 - stronges =0.1.1 - test-lead =0.1.0 Source cves: CVE-2026-22599 Source advisory: SNYK:JS-STRAPICONTENTTYPEBUILDER-16686876...

PT-2025-27860 · H Mdm +1 · Headwind Mdm +1

Name of the Vulnerable Software and Affected Versions: Headwind MDM versions prior to 5.33.1 Description: Headwind MDM versions prior to 5.33.1 allow unauthorized access to configuration details. Specifically, the configuration profile is exposed to users with the Observer role, revealing the...