CVE-2026-34573

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.68 and 9.7.0-alpha.12, the GraphQL query complexity validator can be exploited to cause a denial-of-service by sending a crafted query with binary fan-out fragment spreads...

@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-34573 via parse-server (>=2.0.8 <=7.5.4)

parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-34573 Source advisory: OSV:GHSA-MFJ6-6P54-M98C...

@openinc/parse-server-opendash (>=4.0.0 <=4.0.10) potentially affected by CVE-2026-34573 via parse-server (>=9.6.0-alpha.37 <=9.6.1)

parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.10 Source cves: CVE-2026-34573 Source advisory: OSV:GHSA-MFJ6-6P54-M98C...

CVE-2026-34573

creationtimestamp| type| source ---|---|--- 2026-03-31 17:26:20+00:00| published-proof-of-concept| Telegram/eKNKUl3o6DiU-2-jA1Bozh3wu6D5ajzBDCTSMbn5G7zvLo 2026-03-31 19:06:00+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mieuo7xpy52t...

MAL-2025-34573 Malicious code in tau-encode-web-sed-small (npm)

The package tau-encode-web-sed-small was found to contain malicious code...

CVE-2022-34573

An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to arbitrarily configure device settings via accessing the page mbwifibasic.shtml...

CVE-2024-34573

CVE-2024-34573 is a Stored XSS in Pootle Pagebuilder (WordPress Page Builder) affecting Pootle Pagebuilder – WordPress Page Builder up to and including version 5.7.1. The Red Hat entry repeats the same description. Exploitation details are not provided in the documents. The Wordfence vulnerabilit...

CVE-2024-34573 WordPress Pootle Pagebuilder plugin <= 5.7.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pootlepress Pootle Pagebuilder – WordPress Page builder allows Stored XSS.This issue affects Pootle Pagebuilder – WordPress Page builder: from n/a through 5.7.1...

WordPress Pootle Pagebuilder – WordPress Page builder Plugin <= 5.7.1 is vulnerable to Cross Site Scripting (XSS)

Software Pootle Pagebuilder – WordPress Page builder Type Plugin Vulnerable versions = 5.7.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34573 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a5f35e271817 Credits savphill...

CVE-2022-34573

CVE-2022-34573 affects Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19. The issue is an access control flaw in mb_wifibasic.shtml that allows an attacker to arbitrarily configure device settings. The CVSS vector from NVD indicates adjacent access, low attack complexity, low privileges requi...

CVE-2021-34573

creationtimestamp| type| source ---|---|--- 2021-09-16 16:23:20+00:00| seen| https://t.me/cibsecurity/28977...

CVE-2021-34573

CVE-2021-34573 affects Enbra EWM v1.7.29. Multiple external records (CNVD/CNNVD, CVE lists) describe an access control error wherein event returns and the “No flow”/backflow events are not re-recognized or are misinterpreted when used with several wireless M-Bus sensors. This can lead to incor...

CVE-2025-34573

This CVE entry is rejected/not used.

CVE-2025-34573

...