2 matches found
@openinc/parse-server-opendash (>=4.0.0 <=4.0.4) potentially affected by CVE-2026-33624 via parse-server (>=9.6.0-alpha.37 <=9.6.0-alpha.43)
parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.4 Source cves: CVE-2026-33624 Source advisory: OSV:GHSA-2299-GHJR-6VJP...
Information Exposure
Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Information Exposure via the watch parameter in LiveQuery subscriptions targeting protected fields. An attacker can infer...