CVE-2026-34215 | parse-community parse-server up to 8.6.62/9.7.0-alpha.6 Verify Password Endpoint information disclosure (GHSA-wp76-gg32-8258)

Inserito da Angelo Barbosa | Apr 1, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in parse-community parse-server up to 8.6.62/9.7.0-alpha.6. This impacts an unknown function of the component Verify Password Endpoint. Performing a manipulation results in information disclosure.

This vulnerability is known as CVE-2026-34215. Remote exploitation of the attack is possible. No exploit is available.

It is advisable to upgrade the affected component.

CVE-2026-34215 | parse-community parse-server up to 8.6.62/9.7.0-alpha.6 Verify Password Endpoint information disclosure (GHSA-wp76-gg32-8258)

Post correlati

CVE-2024-26311 | Archer Platform up to 6.14 P2 cross site scripting

CVE-2025-9981 | OpenSolution QuickCMS 6.8 Slider Editor cross site scripting

CVE-2025-62611 | aiomysql up to 0.2.0 MySQL file inclusion

CVE-2024-31071 | OpenHarmony up to 4.0.1 type confusion