Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2026/03/09 5:41 p.m.5 views

EUVD-2026-10169

Parse Server: PagesRouter path traversal allows reading files outside configured pages directory...

6.3CVSS5.8AI score0.00312EPSS
Exploits0References2
CVE
CVEadded 2026/03/07 4:20 p.m.15 views

CVE-2026-30848

Parse Server’s PagesRouter is vulnerable to a path traversal issue prior to versions 8.6.8 and 9.5.0-alpha.8. The boundary check uses a string prefix comparison without enforcing a directory separator boundary, enabling unauthenticated access to files outside the configured pagesPath by traversal...

6.3CVSS5.7AI score0.00312EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2026/03/07 4:20 p.m.27 views

CVE-2026-30848 Parse Server: `PagesRouter` path traversal allows reading files outside configured pages directory

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.8 and 9.5.0-alpha.8, the PagesRouter static file serving route is vulnerable to a path traversal attack that allows unauthenticated reading of files outside the configured...

6.3CVSS0.00312EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/03/07 4:20 p.m.3 views

CVE-2026-30848 Parse Server: `PagesRouter` path traversal allows reading files outside configured pages directory

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.8 and 9.5.0-alpha.8, the PagesRouter static file serving route is vulnerable to a path traversal attack that allows unauthenticated reading of files outside the configured...

6.3CVSS5.7AI score0.00312EPSS
Exploits0References1
OSV
OSVadded 2026/03/07 4:20 p.m.5 views

CVE-2026-30848 Parse Server: `PagesRouter` path traversal allows reading files outside configured pages directory

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.8 and 9.5.0-alpha.8, the PagesRouter static file serving route is vulnerable to a path traversal attack that allows unauthenticated reading of files outside the configured...

6.3CVSS5.7AI score0.00312EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/03/07 12:0 a.m.5 views

PT-2026-23872

Name of the Vulnerable Software and Affected Versions Parse Server versions prior to 8.6.8 Parse Server versions prior to 9.5.0-alpha.8 Description Parse Server, an open source backend deployable on Node.js infrastructures, contains a path traversal flaw in the PagesRouter static file serving...

6.3CVSS5.8AI score0.00312EPSS
Exploits0References9
CNNVD
CNNVDadded 2026/03/07 12:0 a.m.4 views

Parse Server 路径遍历漏洞

Parse Server is an open-source backend developed by the Parse Platform. It can be deployed on any infrastructure that supports Node.js. Versions of Parse Server prior to 8.6.8 and 9.5.0-alpha.8 contained a path traversal vulnerability. This vulnerability stems from path traversal attacks, which...

6.3CVSS5.8AI score0.00312EPSS
Exploits0References2
Rows per page
Query Builder