threat
engine
.sh
Back
·
··:··
Home
/
Product
/
parseplatform parse server
Product
parseplatform parse server
101 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2026-39381
< 8.6.75
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.8.0-alpha.7 and
4.3
MEDIUM
CVE-2026-39321
< 8.6.74
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.8.0-alpha.6 and
3.7
LOW
CVE-2026-35200
< 8.6.73
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.73 and 9.7.1-
5.4
MEDIUM
CVE-2026-34784
< 8.6.71
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.71 a
7.5
HIGH
CVE-2026-34215
< 8.6.63
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.63 a
6.5
MEDIUM
CVE-2026-34595
< 8.6.70
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.70 a
4.3
MEDIUM
CVE-2026-34574
< 8.6.69
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.69 a
5.4
MEDIUM
CVE-2026-34573
< 8.6.68
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.68 a
7.5
HIGH
CVE-2026-34532
< 8.6.67
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.67 a
9.1
CRITICAL
CVE-2026-34373
>= 3.5.0 and < 8.6.66
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.66 a
8.8
HIGH
CVE-2026-34363
< 8.6.65
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.65 a
5.3
MEDIUM
CVE-2026-34224
< 8.6.64
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.64 a
4.4
MEDIUM
CVE-2026-33627
< 8.6.61
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.61 a
6.5
MEDIUM
CVE-2026-33624
< 8.6.60
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.60 a
2.7
LOW
CVE-2026-33539
< 8.6.59
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.59 a
7.2
HIGH
CVE-2026-33538
< 8.6.58
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.58 a
7.5
HIGH
CVE-2026-33527
< 8.6.57
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.57 a
4.3
MEDIUM
CVE-2026-33508
< 8.6.56
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.56 a
7.5
HIGH
CVE-2026-33498
< 8.6.55
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.55 a
7.5
HIGH
CVE-2026-33429
< 8.6.54
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.54 a
5.3
MEDIUM
CVE-2026-33421
< 8.6.53
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.53 a
6.5
MEDIUM
CVE-2026-33409
< 8.6.52
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.52 a
9.1
CRITICAL
CVE-2026-33323
< 8.6.51
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.51 a
5.3
MEDIUM
CVE-2026-33163
< 8.6.50
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.35 an
6.5
MEDIUM
CVE-2026-33042
< 8.6.49
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.29 an
5.3
MEDIUM
CVE-2026-32944
< 8.6.45
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.21 an
7.5
HIGH
CVE-2026-32943
< 8.6.48
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.28 an
3.1
LOW
CVE-2026-32886
< 8.6.47
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.24 an
7.5
HIGH
CVE-2026-32878
< 8.6.44
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.20 an
7.5
HIGH
CVE-2026-32770
< 8.6.43
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.19 an
5.9
MEDIUM
CVE-2026-32742
< 8.6.42
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.17 an
4.3
MEDIUM
CVE-2026-32728
< 8.6.41
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.15 an
7.6
HIGH
CVE-2026-32594
< 8.6.40
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.40 and 9.6.0-
7.3
HIGH
CVE-2026-32269
>= 8.0.2 and < 8.6.39
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.13 an
6.5
MEDIUM
CVE-2026-32248
< 8.6.38
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.12 an
9.8
CRITICAL
CVE-2026-32242
< 8.6.37
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.11 an
7.4
HIGH
CVE-2026-32234
< 8.6.36
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.10 an
4.7
MEDIUM
CVE-2026-32098
< 8.6.35
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.9 and
7.5
HIGH
CVE-2026-31901
< 8.6.34
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.34 and 9.6.0-
5.3
MEDIUM
CVE-2026-31875
< 8.6.33
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.7 and
5.9
MEDIUM
CVE-2026-31872
< 8.6.32
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.6 and
7.5
HIGH
CVE-2026-31871
< 8.6.31
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.5 and
9.8
CRITICAL
CVE-2026-31868
< 8.6.30
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.4 and
6.1
MEDIUM
CVE-2026-31856
< 8.6.29
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. A SQL injection vulnerabil
9.8
CRITICAL
CVE-2026-31840
< 8.6.28
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.2 and
9.8
CRITICAL
CVE-2026-31828
< 8.6.26
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.2-alpha.13 an
8.8
HIGH
CVE-2026-31800
< 8.6.25
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.2-alpha.12 an
9.1
CRITICAL
CVE-2026-30972
< 8.6.23
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior o 9.5.2-alpha.10 and
7.5
HIGH
CVE-2026-30967
< 8.6.22
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.2-alpha.9. an
8.8
HIGH
CVE-2026-30966
< 8.6.20
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.2-alpha.7 and
10.0
CRITICAL
CVE-2026-30965
< 8.6.21
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.2-alpha.8 and
9.1
CRITICAL
CVE-2026-30962
< 8.6.19
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.2-alpha.6 and
6.5
MEDIUM
CVE-2026-30949
< 8.6.18
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.2-alpha.5 and
8.8
HIGH
CVE-2026-30948
< 8.6.17
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.2-alpha.4 and
5.4
MEDIUM
CVE-2026-30947
< 8.6.16
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.2-alpha.3 and
7.5
HIGH
CVE-2026-30946
< 8.6.15
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior 9.5.2-alpha.2 and 8.
7.5
HIGH
CVE-2026-30941
< 8.6.14
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.14 and 9.5.2-
7.5
HIGH
CVE-2026-30939
< 8.6.13
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.13 and 9.5.1-
7.5
HIGH
CVE-2026-30938
< 8.6.12
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.12 and 9.5.1-
5.3
MEDIUM
CVE-2026-30925
< 8.6.11
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.0-alpha.14 an
7.5
HIGH
CVE-2026-30863
< 8.6.10
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.10 a
9.8
CRITICAL
CVE-2026-30854
>= 9.4.0 and < 9.5.0
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. From version 9.3.1-alpha.3
5.3
MEDIUM
CVE-2026-30850
< 8.6.9
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.9 an
5.9
MEDIUM
CVE-2026-30848
< 8.6.8
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.8 an
3.7
LOW
CVE-2026-30835
< 8.6.7
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.7 an
5.3
MEDIUM
CVE-2026-30229
< 8.6.6
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.6 an
7.2
HIGH
CVE-2026-30228
< 8.6.5
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.5 an
4.9
MEDIUM
CVE-2026-29182
< 8.6.4
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.4 an
7.2
HIGH
CVE-2026-27804
< 8.6.3
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.3 an
9.1
CRITICAL
CVE-2025-68150
< 8.6.2
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.2 an
6.5
MEDIUM
CVE-2025-68115
< 8.6.1
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions prior to 8.6.1
6.1
MEDIUM
CVE-2025-67727
<= 8.5.0
Parse Server is an open source backend that can be deployed to any infrastructure that runs Node.js. In versions prior to 8.6.0-al
9.8
CRITICAL
CVE-2024-47183
< 6.5.9
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. If the Parse Server option
8.1
HIGH
CVE-2024-29027
< 6.5.5
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 6.5.5 an
9.0
CRITICAL
CVE-2024-27298
< 6.5.0
parse-server is a Parse Server for Node.js / Express. This vulnerability allows SQL injection when Parse Server is configured to u
10.0
CRITICAL
CVE-2023-46119
>= 1.0.0 and < 5.5.6
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Parse Server crashes when
7.5
HIGH
CVE-2023-41058
< 5.5.5
Parse Server is an open source backend server. In affected versions the Parse Cloud trigger
beforeFind
is not invoked in certain
7.5
HIGH
CVE-2023-36475
< 5.5.2
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 5.5.2 an
9.8
CRITICAL
CVE-2023-32689
< 5.4.4
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Versions prior to 5.4.4 an
6.3
MEDIUM
CVE-2023-22474
< 5.4.1
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Parse Server uses the requ
8.7
HIGH
CVE-2022-41878
< 4.10.19
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions prior to 5.3.2
7.2
HIGH
CVE-2022-41879
< 4.10.20
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions prior to 5.3.3
7.2
HIGH
CVE-2022-39396
< 4.10.18
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Versions prior to 4.10.18,
9.8
CRITICAL
CVE-2022-39313
< 4.10.17
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Versions prior to 4.10.17,
7.5
HIGH
CVE-2022-39231
< 4.10.16
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions prior to 4.10.
3.7
LOW
CVE-2022-39225
< 4.10.15
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions prior to 4.10.
4.3
MEDIUM
CVE-2022-36079
< 4.10.14
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Internal fields (keys used
8.6
HIGH
CVE-2022-31112
< 4.10.13
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In affected versions parse
8.2
HIGH
CVE-2022-31089
< 4.10.12
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In affected versions certa
7.5
HIGH
CVE-2022-31083
< 4.10.11
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 4.10.11
8.6
HIGH
CVE-2022-24901
< 4.10.10
Improper validation of the Apple certificate URL in the Apple Game Center authentication adapter allows attackers to bypass authen
7.5
HIGH
CVE-2022-24760
< 4.10.7
Parse Server is an open source http web server backend. In versions prior to 4.10.7 there is a Remote Code Execution (RCE) vulnera
10.0
CRITICAL
CVE-2021-41109
< 4.10.4
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version 4.10.4, f
7.5
HIGH
CVE-2021-39187
< 4.10.3
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version 4.10.3, P
7.5
HIGH
CVE-2021-39138
< 4.5.1
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Developers can use the RES
4.8
MEDIUM
CVE-2020-26288
< 4.5.0
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. It is an npm package "pars
7.7
HIGH
CVE-2020-15270
<= 4.3.0
Parse Server (npm package parse-server) broadcasts events to all clients without checking if the session token is valid. This allo
4.3
MEDIUM
CVE-2020-15126
>= 3.5.0 and < 4.3.0
In parser-server from version 3.5.0 and before 4.3.0, an authenticated user using the viewer GraphQL query can by pass all read se
6.5
MEDIUM
CVE-2020-5251
< 4.1.0
In parser-server before version 4.1.0, you can fetch all the users objects, by using regex in the NoSQL query. Using the NoSQL, yo
7.7
HIGH
CVE-2019-1020013
< 3.6.0
parse-server before 3.6.0 allows account enumeration.
5.3
MEDIUM
CVE-2019-1020012
< 3.4.1
parse-server before 3.4.1 allows DoS after any POST to a volatile class.
7.5
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin