Parse Dashboard
CVE-2026-27595
CRITICAL
Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Remote unauthenticated endpoint with no user interaction (AV:N/AC:L/PR:N/UI:N); master-key actions on the separate Parse Server justify S:C with high confidentiality/integrity and no availability impact (A:N).
Primary rating from Vendor (github).
CVSS VectorVendor: github
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
9DescriptionCVE.org
Parse Dashboard is a standalone dashboard for managing Parse Server apps. In versions 7.3.0-alpha.42 through 9.0.0-alpha.7, the AI Agent API endpoint (POST /apps/:appId/agent) has multiple security vulnerabilities that, when chained, allow unauthenticated remote attackers to perform arbitrary read and write operations against any connected Parse Server database using the master key. The agent feature is opt-in; dashboards without an agent config are not affected. The fix in version 9.0.0-alpha.8 adds authentication, CSRF validation, and per-app authorization middleware to the agent endpoint. Read-only users are restricted to the readOnlyMasterKey with write permissions stripped server-side. A cache key collision between master key and read-only master key was also corrected. As a workaround, remove or comment out the agent configuration block from your Parse Dashboard configuration.
AnalysisAI
Unauthenticated arbitrary database read/write in Parse Dashboard's AI Agent endpoint (POST /apps/:appId/agent) lets remote attackers operate against any connected Parse Server using the master key. Affected builds span the 7.3.0-alpha.42 through 9.0.0-alpha.7 pre-releases, but only deployments that have explicitly enabled the opt-in agent feature are exposed. No public exploit identified at time of analysis, and EPSS is very low (0.04%), but the chained authentication/CSRF/authorization gaps make exploitation trivial where the feature is configured.
Technical ContextAI
Parse Dashboard is the standalone Node.js web admin UI for managing Parse Server backend apps. The flaw is rooted in CWE-306 (Missing Authentication for Critical Function): the AI Agent route was wired into the dashboard without the authentication, CSRF, and per-app authorization middleware that protects other privileged operations. Because the agent acts on behalf of the dashboard with the Parse Server master key, a request reaching the endpoint inherits full, ACL-bypassing master-key privileges over the connected database. A secondary defect - a cache key collision between the master key and the read-only master key - further weakened the read-only privilege boundary. CPE data confirms the affected component as cpe:2.3:a:parseplatform:parse_dashboard across the 7.3.0-alpha and 7.4.0-alpha node.js builds.
RemediationAI
Vendor-released patch: 9.0.0-alpha.8 - upgrade the parse-dashboard npm package to 9.0.0-alpha.8 or later, which adds authentication, CSRF validation, and per-app authorization middleware to the agent endpoint, restricts read-only users to the readOnlyMasterKey with write permissions stripped server-side, and fixes the master-key/read-only-master-key cache collision (commit f92a9ef5246d57e51696bd881a15f3b133b2bb50). If you cannot upgrade immediately, the vendor-supported workaround is to remove or comment out the entire agent configuration block from your Parse Dashboard configuration; dashboards without an agent config are not affected. The trade-off of the workaround is loss of the AI agent functionality, which is acceptable since the feature is opt-in. Refer to advisory GHSA-qwc3-h9mg-4582 (https://github.com/parse-community/parse-dashboard/security/advisories/GHSA-qwc3-h9mg-4582) and the release at https://github.com/parse-community/parse-dashboard/releases/tag/9.0.0-alpha.8.
More in Parse Dashboard
View allBroken authorization in Parse Dashboard's AI Agent endpoint (POST /apps/:appId/agent) lets any authenticated user reach
Cross-site request forgery in Parse Dashboard (versions 7.3.0-alpha.42 through 9.0.0-alpha.7) lets a remote attacker abu
Privilege escalation via cache key collision in Parse Dashboard (npm parse-dashboard) versions 7.3.0-alpha.42 through 9.
Share
External POC / Exploit Code
Leaving vuln.today
GHSA-qwc3-h9mg-4582