CVE-2026-34784 | parse-community parse-server up to 8.6.70/9.7.0 HTTP Range Request improper authorization (GHSA-hpm8-9qx6-jvwv)

Inserito da Angelo Barbosa | Apr 1, 2026 | CVE

A vulnerability, which was classified as critical, was found in parse-community parse-server up to 8.6.70/9.7.0. Affected is an unknown function of the component HTTP Range Request Handler. Executing a manipulation can lead to improper authorization.

This vulnerability is handled as CVE-2026-34784. The attack can be executed remotely. There is not any exploit available.

You should upgrade the affected component.

CVE-2026-34784 | parse-community parse-server up to 8.6.70/9.7.0 HTTP Range Request improper authorization (GHSA-hpm8-9qx6-jvwv)

Post correlati

CVE-2025-43700 | Salesforce OmniStudio up to Spring 2025 FlexCards permissions

CVE-2025-56396 | y_project RuoYi 4.8.1 privilege escalation

CVE-2025-5962 | Red Hat Enterprise Linux 9/10 Lightspeed History Service access control

CVE-2025-27413 | PwnDoc up to 1.1.x Backup Restore path traversal (GHSA-r3vj-47cf-4672)