CVE-2026-32878 | parse-server Deep Copy prototype pollution

Inserito da Angelo Barbosa | Mar 18, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in parse-server. This affects an unknown function of the component Deep Copy. Performing a manipulation results in improperly controlled modification of object prototype attributes.

This vulnerability was named CVE-2026-32878. The attack may be initiated remotely. There is no available exploit.

It is advisable to upgrade the affected component.

CVE-2026-32878 | parse-server Deep Copy prototype pollution

Post correlati

CVE-2025-58619 | sbouey Falang Multilanguage Plugin up to 1.3.65 on WordPress deserialization

CVE-2024-6828 | Redux Framework Plugin up to 4.4.17 on WordPress JSON File Upload cross site scripting

CVE-2022-49259 | Linux Kernel up to 5.17.1 kobject_del Privilege Escalation

CVE-2024-50079 | Linux Kernel up to 6.11.4 io_uring_cancel_generic state issue (887ba598d9cf/8f7033aa4089)