Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from Vendor (https://github.com/parse-community/parse-server) · only source for this CVE.
CVSS VectorVendor: https://github.com/parse-community/parse-server
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
Impact
Parse Server's GraphQL endpoint discloses schema metadata to unauthenticated callers through Did you mean ...? suggestions embedded in GraphQL validation-error messages. An unauthenticated caller who knows only the public application id can iteratively send malformed queries to reconstruct class names, field names, argument names, mutation names, and input-object fields. This bypasses the IntrospectionControlPlugin enforced when graphQLPublicIntrospection: false (the default) and defeats the schema-hiding goal of prior advisories GHSA-48q3-prgv-gm4w and GHSA-q5q9-2rhp-33qw. Schema disclosure aids reconnaissance for downstream authorization probing but does not by itself leak object data or authentication material.
Patches
A new SchemaSuggestionsControlPlugin Apollo plugin strips the Did you mean ...? suffix from GraphQL validation-error messages during validationDidStart, which runs before any introspection gate. The plugin applies only when graphQLPublicIntrospection: false and the caller is not a master-key or maintenance-key holder, matching the trust model of the existing IntrospectionControlPlugin.
Workarounds
No code workaround is available short of disabling the GraphQL API (mountGraphQL: false). Operators who require disclosure-resistant validation errors should upgrade to a patched release.
Resources
- GitHub security advisory: https://github.com/parse-community/parse-server/security/advisories/GHSA-8cph-rgr4-g5vj
- Fix Parse Server 9: https://github.com/parse-community/parse-server/pull/10467
- Fix Parse Server 8: https://github.com/parse-community/parse-server/pull/10468
AnalysisAI
Schema metadata disclosure in Parse Server's GraphQL endpoint allows unauthenticated callers to iteratively reconstruct the full application schema - including class names, field names, argument names, mutation names, and input-object fields - by exploiting 'Did you mean ...?' suggestions embedded in GraphQL validation-error messages. This affects all deployments with the GraphQL API mounted, bypasses the existing IntrospectionControlPlugin (the default schema-hiding control), and directly defeats the security goals of prior advisories GHSA-48q3-prgv-gm4w and GHSA-q5q9-2rhp-33qw. No public exploit or CISA KEV listing has been identified at time of analysis; however, the unauthenticated, low-effort nature of the enumeration technique and the reconnaissance value of schema intelligence make this a meaningful risk for deployments that rely on schema opacity as a defense layer.
Technical ContextAI
Parse Server (pkg:npm/parse-server) provides an Apollo-based GraphQL API endpoint. GraphQL-js validation rules - including FieldsOnCorrectTypeRule, KnownArgumentNamesRule, and KnownTypeNamesRule - are designed to help developers by appending 'Did you mean X?' hints sourced directly from the live schema when a query references an unknown field, argument, or type. Critically, these validation rules execute during the validationDidStart lifecycle phase, which runs before didResolveOperation and therefore before any Apollo server plugin can gate access to schema information. The existing IntrospectionControlPlugin, which enforces graphQLPublicIntrospection: false (the default), operates at the introspection-query level and does not intercept validation-error messages. This architectural gap - rooted in CWE-209 (Generation of Error Message Containing Sensitive Information) - means schema identifiers leak through a side channel that the introspection control was never designed to cover. The affected packages are pkg:npm/parse-server in the 8.x and 9.x release lines.
RemediationAI
Upgrade Parse Server to version 8.6.78 (for the version 8 series) or 9.9.1-alpha.2 (for the version 9 series), which introduce the SchemaSuggestionsControlPlugin Apollo plugin that strips 'Did you mean ...?' suffixes from validation-error messages for unauthenticated callers when graphQLPublicIntrospection is false. Patch PRs are available at https://github.com/parse-community/parse-server/pull/10467 (version 9) and https://github.com/parse-community/parse-server/pull/10468 (version 8). Note that the version 9 fix targets an alpha release (9.9.1-alpha.2); operators on stable version 9 series should verify general availability of a stable patched release before deploying. No code-level workaround is available for operators who require the GraphQL API to remain active. The only workaround is to disable the GraphQL API entirely by setting mountGraphQL: false in the Parse Server configuration, which eliminates the attack surface but also removes all GraphQL functionality. The patched plugin preserves suggestion messages for master-key and maintenance-key holders, so privileged operator workflows are not disrupted by upgrading.
Same weakness CWE-209 – Error Message Information Leak
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-36534
GHSA-8cph-rgr4-g5vj