A vulnerability identified as problematic has been detected in Strapi up to 5.6.x . The impacted element is the function plugin::users-permissions.jwt.algorithm of the file users-permissions.jwt . Performing a manipulation results in risky cryptographic algorithm. This vulnerability was named CVE-2026-57997 . The attack may be initiated remotely. There is no available exploit. You should upgrade the affected component.