Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/03/24 6:24 p.m.5 views

CVE-2026-33538 Parse Server: Denial of service via unindexed database query for unconfigured auth providers

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.58 and 9.6.0-alpha.52, an unauthenticated attacker can cause denial of service by sending authentication requests with arbitrary, unconfigured provider names. The server...

8.7CVSS5.8AI score0.00406EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/24 6:24 p.m.22 views

CVE-2026-33538 Parse Server: Denial of service via unindexed database query for unconfigured auth providers

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.58 and 9.6.0-alpha.52, an unauthenticated attacker can cause denial of service by sending authentication requests with arbitrary, unconfigured provider names. The server...

8.7CVSS0.00406EPSS
Exploits0References5
CVE
CVE
added 2026/03/24 6:24 p.m.11 views

CVE-2026-33538

Parse Server v8.6.58 and v9.6.0-alpha.52 patch CVE-2026-33538, which allowed unauthenticated attackers to trigger DoS by sending auth requests for unconfigured providers. The server queries the user database for each unconfigured provider, and without an index on unconfigured providers this cause...

8.7CVSS5.8AI score0.00406EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/03/24 6:24 p.m.9 views

CVE-2026-33538 Parse Server: Denial of service via unindexed database query for unconfigured auth providers

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.58 and 9.6.0-alpha.52, an unauthenticated attacker can cause denial of service by sending authentication requests with arbitrary, unconfigured provider names. The server...

8.7CVSS5.8AI score0.00406EPSS
Exploits0References7
Rows per page
Query Builder