Lucene search
K

5 matches found

CVE
CVE
added yesterday9 views

CVE-2026-14535

The CVE affects Trail of Bits fickling up to version 0.1.11. The UnsafeImportsML analysis pass always calls AnalysisContext.shorten_code(node), populating shared AnalysisContext.reported_shortened_code. When MLAllowlist runs, it sees already_reported=True for every import and skips its allowlist ...

8.8CVSS5.9AI score
Exploits0References4
NVD
NVD
added 2026/03/31 3:16 p.m.12 views

CVE-2026-34363

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.65 and 9.7.0-alpha.9, when multiple clients subscribe to the same class via LiveQuery, the event handlers process each subscriber concurrently using shared mutable objects...

8.2CVSS0.00367EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/03/30 5:40 p.m.5 views

LiveQuery protected field leak via shared mutable state across concurrent subscribers

Impact When multiple clients subscribe to the same class via LiveQuery, the event handlers process each subscriber concurrently using shared mutable objects. The sensitive data filter modifies these shared objects in-place, so when one subscriber's filter removes a protected field, subsequent...

8.2CVSS6AI score0.00367EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/03/30 5:40 p.m.3 views

GHSA-M983-V2FF-WQ65 LiveQuery protected field leak via shared mutable state across concurrent subscribers

Impact When multiple clients subscribe to the same class via LiveQuery, the event handlers process each subscriber concurrently using shared mutable objects. The sensitive data filter modifies these shared objects in-place, so when one subscriber's filter removes a protected field, subsequent...

8.2CVSS6AI score0.00367EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/03/30 12:0 a.m.7 views

PT-2026-29165

Name of the Vulnerable Software and Affected Versions Parse Server versions prior to 8.6.65 Parse Server versions prior to 9.7.0-alpha.9 Description Parse Server, an open source backend deployable on Node.js infrastructures, is affected by an issue where sensitive data can leak to unauthorized...

8.2CVSS5.9AI score0.00367EPSS
Exploits0References13
Rows per page
Query Builder