Strapi releases MCP server Beta to wire agents to content
The server enables CRUD, publish, and unpublish operations on Strapi content via MCP-compatible frameworks.
Latest Strapi News & Updates
See the latest news and media coverage for Strapi. We track all announcements, press releases, and industry mentions in real time, all in one place.
Open source Node.js headless CMS
strapi.io- Headquarters
- San Francisco, United States
- Founded year
- 2016
- Company type
- Private company
- Number of employees
- 80–200
Last updated
Latest news about Strapi
In short: Strapi had significant security updates, enhanced its AI capabilities, and released numerous tutorials and feature improvements for Strapi v5.
Company announcements
Strapi releases Better Auth Plugin Beta for Strapi 5
The plugin integrates Better Auth, supports content API permissions, and offers open-source customization.
Strapi explains CVE-2026-44578 Next.js WebSocket SSRF vulnerability
The high-severity SSRF affects self-hosted Next.js versions, allowing unauthenticated attackers to reach internal services and cloud metadata endpoints.
Strapi disclosed and patched five security vulnerabilities
The vulnerabilities include SQL injection, password reset session issues, MIME bypass, data leak, and rate limit bypass. Updates are available for v5 and v4 LTS.
Media coverage
Strapi, Rate-Limit Bypass, CVE-2025-64526 (Medium) - DailyCVE
Strapi, Rate-Limit Bypass, CVE-2025-64526 (Medium) - "DailyCVE.com – The advanced vulnerability database with modern testing, patching tutorials, and...
Strapi, Database Query Injection, CVE-2026-22599 (Critical) - DailyCVE
Strapi, Database Query Injection, CVE-2026-22599 (Critical) - "DailyCVE.com – The advanced vulnerability database with modern testing, patching tutorials, and...
(Strapi), Session Invalidation Flaw, CVE-2026-22706 (Low) - DailyCVE
(Strapi), Session Invalidation Flaw, CVE-2026-22706 (Low) - "DailyCVE.com – The advanced vulnerability database with modern testing, patching tutorials, and...
Guardarian Users Targeted With Malicious Strapi NPM Packages
A threat actor has used 36 malicious NPM packages posing as Strapi plugins to distribute malware targeting Redis, Docker, and credentials.
Never miss news about Strapi
Track Strapi and your other target companies to get real-time alerts and weekly summaries delivered straight to your inbox.
Strapi competitors & trending companies
Browse news for competitors to Strapi and other trending companies.
Hygraph
Storyblok
DatoCMS
Directus
Umbraco
Payload
Prismic
Fujitsu
Kennedy Wilson
CervoMed
Eoptolink
Ligent
InnoLight
Nauticus Robotics
Regentis Biomaterials
Clearfield
IMC
Helical Fusion
BDO
PwC
Icertis
Deloitte
Execo
Grant Thornton
Aktis Oncology
GEODNET
Moxie
Onorato
Aloe Care
Tombot
CarePredict
Labrador
Joy for All
Intuition Robotics
temi