DEV Community: CVE Reports

GHSA-H5X8-XP6M-X6Q4: GHSA-H5X8-XP6M-X6Q4: Unvalidated Signature Generation in @jhb.software/payload-cloudinary-plugin

CVE Reports — Sat, 20 Jun 2026 09:41:23 +0000

GHSA-H5X8-XP6M-X6Q4: Unvalidated Signature Generation in @jhb.software/payload-cloudinary-plugin

Vulnerability ID: GHSA-H5X8-XP6M-X6Q4
CVSS Score: 7.1
Published: 2026-06-19

The @jhb.software/payload-cloudinary-plugin exposes an endpoint that performs unvalidated cryptographic signing of Cloudinary API parameters, allowing authenticated users with minimal privileges to forge valid signatures for arbitrary actions. This flaw allows attackers to overwrite remote storage assets, execute unauthorized file uploads, alter asset visibility parameters, trigger SSRF webhooks, and perform directory traversal within Cloudinary repositories.

TL;DR

The @jhb.software/payload-cloudinary-plugin fails to validate client-supplied parameters passed to Cloudinary's cryptographic signing helper. Authenticated users can obtain mathematically valid HMAC-SHA1 signatures for any arbitrary payload, creating a signature oracle to overwrite files, bypass visibility rules, or trigger outbound SSRF webhooks.

⚠️ Exploit Status: POC

Technical Details

CWE ID: CWE-347 (Improper Verification of Cryptographic Signature)
Attack Vector: Network (Unauthenticated or Low-Privilege authenticated API interaction)
CVSS Score: 7.1 (High)
Impact: Integrity Loss, Server-Side Request Forgery, Directory Traversal, CDN Invalidation
Exploit Status: Proof-of-Concept Available
KEV Status: Not Listed

Affected Systems

Systems deploying @jhb.software/payload-cloudinary-plugin versions between 0.3.0 and 0.4.0 with clientUploads enabled.
@jhb.software/payload-cloudinary-plugin: >= 0.3.0 < 0.4.0 (Fixed in: 0.4.0)

Exploit Details

GitHub Security Advisory: Advisory containing technical description and proof of concept parameters.

Mitigation Strategies

Upgrade payload-cloudinary-plugin to version 0.4.0 or higher.
Disable client-side direct uploads by setting clientUploads to false in the configuration.
Configure strict directory path restrictions in the plugin settings to restrict uploads to a specific target folder.
Deploy WAF rule policies to inspect and filter parameters sent to the signing endpoint.

Remediation Steps:

Audit the package-lock.json or yarn.lock file to identify installations of @jhb.software/payload-cloudinary-plugin below version 0.4.0.
Modify the project package.json to specify version ^0.4.0 of the plugin.
Execute the package manager's installation command (npm install or yarn install) to pull and apply the patch.
If upgrading is delayed, locate the payload configuration file and set clientUploads: false under the cloudinary plugin properties block.
Deploy updated WAF rules to detect and reject requests containing prohibited fields in signature generation payloads.

References

Read the full report for GHSA-H5X8-XP6M-X6Q4 on our website for more details including interactive diagrams and full exploit analysis.

GHSA-G2GW-Q38M-VJFC: GHSA-G2GW-Q38M-VJFC: Server-Side Request Forgery and Bearer Token Exfiltration in @merill/lokka

CVE Reports — Sat, 20 Jun 2026 09:11:37 +0000

GHSA-G2GW-Q38M-VJFC: Server-Side Request Forgery and Bearer Token Exfiltration in @merill/lokka

Vulnerability ID: GHSA-G2GW-Q38M-VJFC
CVSS Score: 8.7
Published: 2026-06-19

A Server-Side Request Forgery (SSRF) and Bearer Token Exfiltration vulnerability exists in the @merill/lokka (Lokka) Model Context Protocol (MCP) server prior to version 2.1.2. The server constructed Azure Resource Manager request URLs by concatenating user-controlled path parameters directly into destination request strings. By injecting authority-redefinition characters, an attacker can manipulate URL parsing to execute a host-escape attack, forcing the server to send high-privilege Azure Resource Manager (ARM) Bearer tokens to an external attacker-controlled host. This allows complete administrative access to the associated Azure subscriptions.

TL;DR

Unauthenticated Server-Side Request Forgery (SSRF) in the @merill/lokka MCP server allows remote attackers to exfiltrate Azure Resource Manager OAuth 2.0 Bearer tokens to arbitrary servers via malicious path variables containing host-escape characters.

⚠️ Exploit Status: POC

Technical Details

CWE ID: CWE-918
Attack Vector: Network
CVSS Score: 8.7 (High)
Impact: Credential Leakage and Host-Escape
Exploit Status: Proof-of-Concept
Remediation: Patch to version 2.1.2 or later

Affected Systems

@merill/lokka MCP Server
@merill/lokka: < 2.1.2 (Fixed in: 2.1.2)

Code Analysis

Commit: babead8

Introduce validateAzurePath and buildAzureUrl functions to prevent SSRF and host-escape attacks

Mitigation Strategies

Upgrade to @merill/lokka version 2.1.2 or higher to secure URL construction paths
Implement strict network egress filtering to prevent unauthorized connections to unknown external IPs
Ensure that input validation libraries screen out control characters, including the @ symbol and backslashes, from path inputs

Remediation Steps:

Run npm update @merill/lokka to update to the latest secure version
Verify that your configuration files do not override path validation in the Lokka server initialization
Enable application firewall logging to audit and trace outbound connections from your Model Context Protocol backend

References

Read the full report for GHSA-G2GW-Q38M-VJFC on our website for more details including interactive diagrams and full exploit analysis.

GHSA-4XGF-CPJX-PC3J: GHSA-4xgf-cpjx-pc3j: Directory Traversal and Symlink Following in Pydantic Settings

CVE Reports — Sat, 20 Jun 2026 07:42:28 +0000

GHSA-4xgf-cpjx-pc3j: Directory Traversal and Symlink Following in Pydantic Settings

Vulnerability ID: GHSA-4XGF-CPJX-PC3J
CVSS Score: 5.3
Published: 2026-06-19

A directory traversal and symlink following vulnerability exists in Pydantic Settings when using the NestedSecretsSettingsSource with nested subdirectory lookups enabled. An attacker capable of writing to the secrets directory can bypass size limitations, read arbitrary host files, or cause a denial-of-service condition via cyclic symlinks.

TL;DR

Discrepant globbing behaviors in Pydantic Settings allow directory traversal and symlink resolution bypasses, leading to arbitrary local file read and infinite loops.

⚠️ Exploit Status: POC

Technical Details

CWE ID: CWE-59
Attack Vector: Local
CVSS Score: 5.3
Exploit Status: Proof-of-Concept
EPSS Percentile: N/A
CISA KEV Status: Not Listed
Affected Component: NestedSecretsSettingsSource

Affected Systems

pydantic-settings
pydantic-settings: >= 2.12.0, < 2.14.2 (Fixed in: 2.14.2)

Mitigation Strategies

Upgrade to pydantic-settings >= 2.14.2
Disable nested secrets subdirectory lookups (secrets_nested_subdir=False)
Enforce strict file permissions (0700) on the secrets directory to prevent unauthorized write or symlink insertion

Remediation Steps:

Identify all projects using pydantic-settings with secrets configuration.
Update requirements files to specify version 2.14.2 or higher.
If immediate upgrade is not possible, modify model configuration to set secrets_nested_subdir=False.
Verify permissions on configuration directories to prevent untrusted local users from inserting symlinks.

References

Read the full report for GHSA-4XGF-CPJX-PC3J on our website for more details including interactive diagrams and full exploit analysis.

GHSA-H5RG-8P7F-47G2: GHSA-h5rg-8p7f-47g2: Server-Side Request Forgery (SSRF) in SurrealDB Identity & Access Management (IAM) JWKS Fetcher

CVE Reports — Sat, 20 Jun 2026 06:12:01 +0000

GHSA-h5rg-8p7f-47g2: Server-Side Request Forgery (SSRF) in SurrealDB Identity & Access Management (IAM) JWKS Fetcher

Vulnerability ID: GHSA-H5RG-8P7F-47G2
CVSS Score: 4.1
Published: 2026-06-19

A Server-Side Request Forgery (SSRF) vulnerability exists in SurrealDB's Identity & Access Management (IAM) module prior to version 3.1.5. When configuring JSON Web Key Set (JWKS) URLs for token verification, the remote fetcher follows HTTP redirects by default without validating redirect targets against configured network capabilities. This allows high-privileged users to bypass network access limits and perform blind port scanning of internal network resources.

TL;DR

High-privileged users can exploit automatic HTTP redirect following in SurrealDB's JWKS fetcher to bypass egress restrictions and perform blind SSRF against internal resources.

Technical Details

CWE ID: CWE-918
Attack Vector: Network
CVSS v3.1 Score: 4.1
Exploit Status: none
KEV Status: Not Listed

Affected Systems

SurrealDB
SurrealDB: < 3.1.5 (Fixed in: 3.1.5)

Mitigation Strategies

Upgrade SurrealDB to version 3.1.5 or higher
Restrict database 'Owner' roles and administrative privileges
Implement infrastructure-level egress firewall rules
Use static local cryptographic keys in ACCESS configurations

Remediation Steps:

Identify all running instances of SurrealDB and verify their running versions.
Upgrade the instances to version 3.1.5 or newer to ensure the custom redirect policy is enforced in the IAM module.
Configure firewall or security group rules to block egress connections to 127.0.0.1, 169.254.169.254, and RFC 1918 private subnets from the database hosts.

References

Read the full report for GHSA-H5RG-8P7F-47G2 on our website for more details including interactive diagrams and full exploit analysis.

GHSA-CC8F-FCX3-GPJR: GHSA-cc8f-fcx3-gpjr: Arbitrary File Disclosure via DEFINE ANALYZER mapper filter in SurrealDB

CVE Reports — Sat, 20 Jun 2026 05:11:57 +0000

GHSA-cc8f-fcx3-gpjr: Arbitrary File Disclosure via DEFINE ANALYZER mapper filter in SurrealDB

Vulnerability ID: GHSA-CC8F-FCX3-GPJR
CVSS Score: 7.7
Published: 2026-06-19

A local file disclosure vulnerability exists in SurrealDB's full-text search capabilities, allowing authenticated users with database EDITOR or OWNER roles to read arbitrary files from the host system filesystem. This occurs by abusing the mapper() filter inside a DEFINE ANALYZER statement to point to system files.

TL;DR

Authenticated database users with EDITOR or OWNER roles can read arbitrary files from the host filesystem by registering a DEFINE ANALYZER statement with a malicious path in the mapper() filter.

Technical Details

CWE ID: CWE-22
Attack Vector: Network
CVSS Score: 7.7 (High)
Exploit Status: PoC
Impact: High (Arbitrary File Read)
Fixed Version: 3.1.5

Affected Systems

SurrealDB
SurrealDB: < 3.1.5 (Fixed in: 3.1.5)

Code Analysis

Commit: e0912c4

Implements SURREAL_FILE_ALLOWLIST

Mitigation Strategies

Configure SURREAL_FILE_ALLOWLIST to isolate file mappings
Upgrade SurrealDB to version 3.1.5 or higher
Restrict database role privileges

Remediation Steps:

Upgrade SurrealDB to version 3.1.5 or higher.
If unable to upgrade, configure SURREAL_FILE_ALLOWLIST to a designated mapping directory.
Audit registered database analyzers with INFO FOR DB.

References

Read the full report for GHSA-CC8F-FCX3-GPJR on our website for more details including interactive diagrams and full exploit analysis.

GHSA-H4H3-3RFJ-X6FQ: GHSA-H4H3-3RFJ-X6FQ: Value-Ordering Oracle Side-Channel via Indexed ORDER BY in SurrealDB

CVE Reports — Sat, 20 Jun 2026 04:42:22 +0000

GHSA-H4H3-3RFJ-X6FQ: Value-Ordering Oracle Side-Channel via Indexed ORDER BY in SurrealDB

Vulnerability ID: GHSA-H4H3-3RFJ-X6FQ
CVSS Score: 4.3
Published: 2026-06-19

SurrealDB versions 3.0.0 through 3.1.4 contain an information exposure vulnerability (CWE-203) where the query planner optimizes sorted queries using indexes on fields with field-level SELECT restrictions. Because the query planner performs index-based sorting before enforcing permission-based redaction, unauthorized users can observe the physical order of returned rows to deduce the relative values of protected fields.

TL;DR

SurrealDB's query planner prematurely optimizes sorting via indexes on restricted fields before enforcing permission boundaries. An unauthorized user can query a restricted field with an ORDER BY clause, causing the database to sort the rows by the hidden values before replacing them with null. By observing the returned row sequence relative to user-controlled records, an attacker can construct a binary search oracle to extract confidential data.

⚠️ Exploit Status: POC

Technical Details

CWE ID: CWE-203 (Information Exposure Through Discrepancy)
Attack Vector: Network (Unauthenticated or Low-Privileged SQL Access)
CVSS v3.1: 4.3 (Medium)
Impact Type: Confidentiality / Data Exposure Side-Channel
Exploit Status: Conceptual / PoC
Remediation Status: Patched in 3.1.5

Affected Systems

SurrealDB instances utilizing multi-tenant schemas
SurrealQL setups with field-level SELECT permissions and indexed fields
surrealdb: >= 3.0.0, < 3.1.5 (Fixed in: 3.1.5)

Exploit Details

GitHub Security Advisory: The advisory describes the structure of the side-channel leak and conceptual mitigation strategies.

Mitigation Strategies

Upgrade to SurrealDB version 3.1.5 or newer to ensure the query planner applies permission checks prior to index optimization.
Set the environment variable SURREAL_PLANNER_STRATEGY=compute-only to force the engine to execute queries without planner optimizations.
Remove index definitions from sensitive, select-restricted fields.
Enforce data security boundaries at the table level using table-level PERMISSIONS schemas instead of column-level restrictions.

Remediation Steps:

Identify all SurrealDB tables containing both field-level SELECT permissions and active index definitions.
Verify the current running version of SurrealDB by executing 'surreal version' in the terminal.
If the running version is between 3.0.0 and 3.1.4, plan a maintenance window to upgrade the database binary.
Download and install SurrealDB version 3.1.5 or later from the official repository.
If upgrading is delayed, configure the environment variable 'SURREAL_PLANNER_STRATEGY=compute-only' in the service environment file.
Restart the SurrealDB service to apply the configuration or binary updates.

References

Read the full report for GHSA-H4H3-3RFJ-X6FQ on our website for more details including interactive diagrams and full exploit analysis.

GHSA-HV6H-HC26-Q48P: GHSA-HV6H-HC26-Q48P: Field-level SELECT permissions bypassed via graph and reference traversals in SurrealDB

CVE Reports — Sat, 20 Jun 2026 04:11:38 +0000

GHSA-HV6H-HC26-Q48P: Field-level SELECT permissions bypassed via graph and reference traversals in SurrealDB

Vulnerability ID: GHSA-HV6H-HC26-Q48P
CVSS Score: 4.3
Published: 2026-06-19

A security vulnerability exists in SurrealDB's streaming query planner where streaming graph edge traversals or reverse-reference traversals bypass field-level SELECT permissions. This vulnerability allows an authenticated database user with valid, low-privileged credentials holding table-level SELECT permissions to bypass field-level access controls and read highly confidential or restricted fields.

TL;DR

A vulnerability in SurrealDB's streaming query planner allows authenticated, low-privileged users to bypass field-level SELECT permissions and access restricted data by using graph edge or reverse-reference traversals.

⚠️ Exploit Status: POC

Technical Details

CWE ID: CWE-862
Attack Vector: Network
CVSS Score: 4.3 (Medium)
EPSS Score: N/A
Impact: Confidentiality Bypass (Read-only)
Exploit Status: Proof-of-Concept
KEV Status: Not Listed

Affected Systems

SurrealDB instances utilizing the default streaming query executor
surrealdb: >= 3.1.0, <= 3.1.4 (Fixed in: 3.1.5)

Code Analysis

Commit: ffaf5e3

Correct field permissions and computed fields in resolve_record_batch

@@ -126,6 +129,18 @@ pub(crate) async fn resolve_version_stamp(
+/// SECURITY: when `fetch_full` is `true` the materialised record must go
+/// through the *same* field-level processing as an ordinary table scan...

Mitigation Strategies

Upgrade to SurrealDB 3.1.5 or newer.
Force the legacy compute-only executor to bypass the streaming query planner.
Restructure database schemas to enforce access control boundaries at the table level.

Remediation Steps:

Identify vulnerable SurrealDB instances running versions between 3.1.0 and 3.1.4.
If immediate patching is not possible, apply the environment variable SURREAL_PLANNER_STRATEGY=compute-only.
Download and install SurrealDB version 3.1.5 or newer.
Restart the database services with the updated binary.
Verify the remediation by running a graph edge traversal query and ensuring field-level filters are enforced.

References

Read the full report for GHSA-HV6H-HC26-Q48P on our website for more details including interactive diagrams and full exploit analysis.

GHSA-JV2J-MQMW-XVV5: GHSA-jv2j-mqmw-xvv5: Stack Overflow Denial of Service in SurrealDB Query Engine

CVE Reports — Sat, 20 Jun 2026 02:42:03 +0000

GHSA-jv2j-mqmw-xvv5: Stack Overflow Denial of Service in SurrealDB Query Engine

Vulnerability ID: GHSA-JV2J-MQMW-XVV5
CVSS Score: 6.5
Published: 2026-06-19

An authenticated denial-of-service vulnerability in SurrealDB allows remote attackers with query privileges to crash the server process. The issue arises from uncontrolled recursion during the compilation, serialization, or deallocation of exceptionally deep Abstract Syntax Trees (ASTs). While the iterative Pratt parser successfully handles long flat sequences of binary operators without triggering recursion limits, the resulting AST structure causes stack overflow in downstream recursive tree-walking components.

TL;DR

A stack overflow vulnerability in SurrealDB allows authenticated users to trigger an uncatchable process abort by submitting queries with thousands of chained binary operators. The issue is resolved in version 3.1.5 by introducing a parser-level recursion depth limit.

⚠️ Exploit Status: POC

Technical Details

CWE ID: CWE-674, CWE-400
Attack Vector: Network
CVSS v3.1 Score: 6.5 (Medium)
Exploit Status: Proof-of-Concept
CISA KEV Status: Not Listed
Impact: Denial of Service (Process Abort)

Affected Systems

SurrealDB Server
SurrealDB: >= 3.0.0, < 3.1.5 (Fixed in: 3.1.5)

Mitigation Strategies

Upgrade SurrealDB to version 3.1.5 or later.
Configure the SURREAL_MAX_EXPRESSION_PARSING_DEPTH environment variable to a safe limit.
Run SurrealDB with the --deny-arbitrary-query flag to prevent low-privileged users from running custom SurrealQL queries.

Remediation Steps:

Deploy SurrealDB version 3.1.5 to all environment instances.
Verify system environment variables are configured with SURREAL_MAX_EXPRESSION_PARSING_DEPTH=128.
Configure reverse proxies to drop HTTP requests containing excessive repetition of mathematical or logical symbols.

References

Read the full report for GHSA-JV2J-MQMW-XVV5 on our website for more details including interactive diagrams and full exploit analysis.

GHSA-869J-R97X-HX2G: GHSA-869J-R97X-HX2G: Local Path Traversal and Cross-Origin Resource Sharing Bypass in Anki Desktop

CVE Reports — Fri, 19 Jun 2026 23:41:33 +0000

GHSA-869J-R97X-HX2G: Local Path Traversal and Cross-Origin Resource Sharing Bypass in Anki Desktop

Vulnerability ID: GHSA-869J-R97X-HX2G
CVSS Score: 8.7
Published: 2026-06-19

The local media server (mediasrv.py) in Anki up to and including version 25.09.2 fails to validate incoming HTTP requests. The server does not validate the Origin header, enabling cross-origin requests. Additionally, several endpoints suffer from directory traversal vulnerabilities. Combined, these flaws permit an unauthenticated remote attacker to exfiltrate arbitrary files from a local file system when a user visits a malicious website.

TL;DR

A critical vulnerability in Anki's local HTTP media server allows malicious websites to perform cross-origin directory traversal attacks, resulting in silent local file exfiltration from vulnerable browsers such as Firefox.

⚠️ Exploit Status: POC

Technical Details

CWE ID: CWE-346, CWE-22
Attack Vector: Network
CVSS v4.0: 8.7
Impact: Arbitrary Local File Read
Exploit Status: Proof of Concept (PoC) available
First Patched Version: 25.09.3

Affected Systems

Anki Desktop Application (aqt Python module)
aqt: <= 25.09.2 (Fixed in: 25.09.3)

Code Analysis

Commit: f4692e5

Fix path traversal vulnerabilities and improve path containment check logic

Commit: 858e568

Fix host shadowing bug inside local HTTP request routing logic

Mitigation Strategies

Upgrade Anki to version 25.09.3 or later
Avoid running Anki in the background when browsing untrusted websites using Firefox or browsers lacking Private Network Access (PNA) protection
Utilize Chromium-based web browsers that block public-to-local cross-origin network requests by default

Remediation Steps:

Download the patched Anki installation package (version 25.09.3 or higher) from the official repository
Replace the existing vulnerable installation of the 'aqt' python module
Verify that running processes are restarted so the new mediasrv logic is in effect

References

Read the full report for GHSA-869J-R97X-HX2G on our website for more details including interactive diagrams and full exploit analysis.

CVE-2026-11769: CVE-2026-11769: Local File Read and Privilege Escalation in Grafana Operator via Jsonnet Evaluation

CVE Reports — Fri, 19 Jun 2026 21:12:19 +0000

CVE-2026-11769: Local File Read and Privilege Escalation in Grafana Operator via Jsonnet Evaluation

Vulnerability ID: CVE-2026-11769
CVSS Score: 6.4
Published: 2026-06-19

CVE-2026-11769 is a directory traversal vulnerability affecting the Grafana Operator before version 5.24.0. An authenticated attacker with basic namespace privileges can deploy a crafted GrafanaDashboard or GrafanaLibraryPanel custom resource to read sensitive local files. This enables the extraction of the service account token of the operator manager, resulting in cluster-wide privilege escalation.

TL;DR

A directory traversal flaw in the Jsonnet templating engine of Grafana Operator allows namespace-level users to read arbitrary files from the manager pod and escalate privileges to cluster-wide administrator.

⚠️ Exploit Status: POC

Technical Details

CWE ID: CWE-22 (Path Traversal), CWE-269 (Improper Privilege Management)
Attack Vector: Network (AV:N)
CVSS: 6.4 (CVSS v4.0)
EPSS: 0.0032 (Percentile: 23.55%)
Impact: Privilege Escalation to Cluster Administrator
Exploit Status: PoC (In-repository tests)
KEV Status: Not Listed

Affected Systems

Grafana Operator
Grafana Operator: <= 5.23 (Fixed in: 5.24.0)

Code Analysis

Commit: 5bb71ae

fix: use os.Root for jsonnet imports

Exploit Details

Grafana Operator GitHub Repository: Integration test files demonstrate path traversal verification using a crafted gzip-compressed Jsonnet project archive.

Mitigation Strategies

Upgrade to Grafana Operator version 5.24.0 or higher.
Deploy a Kubernetes ValidatingAdmissionPolicy to block Jsonnet build parameters in custom resources.
Enforce least-privilege RBAC roles for the operator manager service account.

Remediation Steps:

Execute 'helm upgrade -i grafana-operator oci://ghcr.io/grafana/helm-charts/grafana-operator --version 5.24.0' to update the operator deployment.
Apply the CRD updates using the manifests supplied in the release assets of version 5.24.0.
Audit all namespaces for existing GrafanaDashboard resources that utilize the jsonnetProjectBuild configuration.

References

Read the full report for CVE-2026-11769 on our website for more details including interactive diagrams and full exploit analysis.

CVE-2026-53725: CVE-2026-53725: Sensitive Information Disclosure via MFA Re-fetch Bypass in Parse Server

CVE Reports — Fri, 19 Jun 2026 20:41:50 +0000

CVE-2026-53725: Sensitive Information Disclosure via MFA Re-fetch Bypass in Parse Server

Vulnerability ID: CVE-2026-53725
CVSS Score: 5.9
Published: 2026-06-19

CVE-2026-53725 is a critical sensitive information disclosure vulnerability in Parse Server (versions 9.8.0 to < 9.9.1-alpha.5). When Multi-Factor Authentication (MFA) is enabled and standard read permissions on the _User class are restricted via Class-Level Permissions (CLPs), the /login and /verifyPassword endpoints improperly fall back to returning the raw database row upon a failed mock re-fetch request. This behavior leaks plaintext MFA TOTP secrets, recovery codes, and fields designated as protected, enabling attackers with compromised user passwords to bypass multi-factor authentication controls entirely.

TL;DR

Parse Server improperly falls back to returning raw, unsanitized database rows containing plaintext MFA TOTP secrets and recovery codes when user re-fetch queries are blocked by restricted Class-Level Permissions, allowing attackers with primary credentials to bypass second-factor controls.

Technical Details

CWE ID: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
Attack Vector: Network (AV:N)
CVSS v4.0 Score: 5.9 (Medium)
EPSS Score: 0.00251 (Percentile: 16.20%)
Impact: Full multi-factor authentication bypass and sensitive profile information leak
Exploit Status: None (No public exploit code or active exploitation reported)
KEV Status: Not listed in CISA KEV catalog

Affected Systems

Parse Server
parse-server: >= 9.8.0, < 9.9.1-alpha.5 (Fixed in: 9.9.1-alpha.5)

Code Analysis

Commit: d3a3603

Fix _User CLP refetch fallback leaks raw MFA secrets and protected fields

Mitigation Strategies

Upgrade Parse Server to a non-vulnerable version immediately.
Ensure Class-Level Permissions do not cause unexpected exceptions during internal authentication mock re-fetches.
Monitor response payload schemas for high-risk attributes like 'authData.mfa.secret' at the API gateway layer.

Remediation Steps:

Update parse-server in package.json to version 9.9.1-alpha.5 or higher.
Redeploy the application service containers.
Review user Class-Level Permissions (CLPs) to confirm that standard authenticated sessions perform expected mock query actions.
Audit existing user authentication logs for anomalous calls to /verifyPassword.

References

Read the full report for CVE-2026-53725 on our website for more details including interactive diagrams and full exploit analysis.

CVE-2026-53726: CVE-2026-53726: Authorization Bypass in Parse Server Relation Queries ($relatedTo)

CVE Reports — Fri, 19 Jun 2026 20:12:04 +0000

CVE-2026-53726: Authorization Bypass in Parse Server Relation Queries ($relatedTo)

Vulnerability ID: CVE-2026-53726
CVSS Score: 6.9
Published: 2026-06-19

Parse Server prior to versions 8.6.80 and 9.9.1-alpha.6 contains an authorization bypass vulnerability in its relation query handling. A database query utilizing the $relatedTo operator can read the membership details of a Relation field even when that field is hidden via protectedFields or restricted by object-level Access Control Lists (ACLs).

TL;DR

An unauthenticated remote attacker can bypass relation-level access controls and object-level ACLs using the $relatedTo query operator to extract private membership data and map relational structures.

⚠️ Exploit Status: POC

Technical Details

CWE ID: CWE-639: Authorization Bypass Through User-Controlled Key
Attack Vector: Network (Remote, Public API)
CVSS v4.0 Score: 6.9 (Medium)
EPSS Score: 0.00276
Exploit Status: PoC Available (Unit/Integration Tests)
KEV Status: Not Listed

Affected Systems

Parse Server deployments
parse-server: < 8.6.80 (Fixed in: 8.6.80)
parse-server: >= 9.0.0, < 9.9.1-alpha.6 (Fixed in: 9.9.1-alpha.6)

Mitigation Strategies

Upgrade to patched versions of Parse Server
Implement Cloud Code beforeFind validation for $relatedTo parameters
Refactor direct Relations to intermediate join-class collections with CLP limits

Remediation Steps:

Identify vulnerable parse-server dependency versions in package.json
Update package dependency version constraint to require parse-server >= 8.6.80 or >= 9.9.1-alpha.6
Execute npm update parse-server to fetch the secure builds
Verify query path execution using restrictive Class-Level Permissions (CLPs) and integration tests

References

Read the full report for CVE-2026-53726 on our website for more details including interactive diagrams and full exploit analysis.