4 matches found
CVE-2026-32242
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.11 and 8.6.37, Parse Server's built-in OAuth2 auth adapter exports a singleton instance that is reused directly across all OAuth2 provider configurations. Under concurrent...
CVE-2026-32242
CVE-2026-32242 affects Parse Server: the built-in OAuth2 adapter previously exported a singleton instance shared across all OAuth2 provider configurations. Under concurrent authentication requests for multiple providers configured with oauth2: true, a token validation could run against another pr...
CVE-2026-32242 Parse Server OAuth2 adapter shares mutable state across providers via singleton instance
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.11 and 8.6.37, Parse Server's built-in OAuth2 auth adapter exports a singleton instance that is reused directly across all OAuth2 provider configurations. Under concurrent...
EUVD-2026-11677
Parse Server's OAuth2 adapter shares mutable state across providers via singleton instance...