GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
7 advisories
Parse Server has a Cross-Site Scripting (XSS) vulnerability via Unescaped Mustache Template Variables
Moderate
CVE-2025-68115
was published
for
parse-server
(npm)
Dec 16, 2025
Parse Server allows public `explain` queries which may expose sensitive database performance information and schema details
Moderate
CVE-2025-64502
was published
for
parse-server
(npm)
Nov 13, 2025
Parse Javascript SDK vulnerable to prototype pollution in `Parse.Object` and internal APIs
Moderate
CVE-2025-62374
was published
for
parse
(npm)
Oct 14, 2025
Parse Server exposes the data schema via GraphQL API
Moderate
CVE-2025-53364
was published
for
parse-server
(npm)
Jul 10, 2025
Parse Server has an OAuth login vulnerability
Moderate
CVE-2025-30168
was published
for
parse-server
(npm)
Mar 21, 2025
Phishing attack vulnerability by uploading malicious HTML file
Moderate
CVE-2023-32689
was published
for
parse-server
(npm)
May 31, 2023
Invalid push request payload crashes Parse Server
Moderate
CVE-2023-32688
was published
for
parse-server-push-adapter
(npm)
May 22, 2023
ProTip!
Advisories are also available from the
GraphQL API