Package impact
npm / parse-server
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-47138 | high | — | 8.0 | 12d ago | Parse Server: Pre-authentication denial of service via client version header regex backtracking | |||
| CVE-2026-43930 | medium | 5.9 | 5.9 | 23d ago | parse-server: MFA SMS one-time password accepted twice under concurrent login | |||
| CVE-2026-47248 | unknown | — | — | 6d ago | Parse Server's GraphQL "Did you mean ...?" validation suggestions disclose schema to unauthenticated callers |