CVE-2026-32234 | parse-community parse-server up to 8.6.35/9.0.0 9.6.0-alpha.9 regex sql injection

Inserito da Angelo Barbosa | Mar 11, 2026 | CVE

A vulnerability, which was classified as critical, was found in parse-community parse-server up to 8.6.35/9.0.0 9.6.0-alpha.9. This vulnerability affects unknown code. The manipulation of the argument regex results in sql injection.

This vulnerability is reported as CVE-2026-32234. The attack can be launched remotely. No exploit exists.

You should upgrade the affected component.

CVE-2026-32234 | parse-community parse-server up to 8.6.35/9.0.0 9.6.0-alpha.9 regex sql injection

Post correlati

CVE-2024-48080 | aedes 0.51.2 Request denial of service

CVE-2024-43808 | JetBrains TeamCity up to 2024.07 HashiCorp Vault Vlugin cross site scripting

CVE-2025-27113 | xmlsoft libxml2 up to 2.12.9/2.13.5 pattern.c xmlPatMatch null pointer dereference

CVE-2024-26454 | Healthcare-Chatbot up to 9b7058a login.php email1/pwd1 cross site scripting