Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2026/04/08 12:14 a.m.10 views

@openinc/parse-server-opendash (>=4.0.0 <=4.0.11) potentially affected by CVE-2026-39381 via parse-server (>=9.6.0-alpha.37 <=9.7.0)

parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.11 Source cves: CVE-2026-39381 Source advisory: SNYK:JS-PARSESERVER-15928862...

5.3CVSS5.8AI score0.00193EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/26 3:1 p.m.6 views

CVE-2026-33409

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.52 and 9.6.0-alpha.41, an authentication bypass vulnerability allows an attacker to log in as any user who has linked a third-party authentication provider, without knowin...

9.1CVSS5.7AI score0.00455EPSS
Exploits0References1
NVD
NVD
added 2026/03/18 10:16 p.m.2 views

CVE-2026-32770

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.19 and 8.6.43, a remote attacker can crash the Parse Server by subscribing to a LiveQuery with an invalid regular expression pattern. The server process terminates when the...

7.5CVSS0.0055EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/18 9:42 p.m.25 views

CVE-2026-32886 Parse Server's Cloud function dispatch crashes server via prototype chain traversal

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.24 and 8.6.47, remote clients can crash the Parse Server process by calling a cloud function endpoint with a crafted function name that traverses the JavaScript prototype...

8.2CVSS0.00512EPSS
Exploits0References3
Rows per page
Query Builder