Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network-reachable batch endpoint with no auth per PR:N; C:L/I:L bounded by inner ACL/CLP controls; no availability impact; scope unchanged.
Primary rating from Vendor (GitHub_M).
CVSS VectorVendor: GitHub_M
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3Blast Radius
ecosystem impact- 1 npm packages depend on parse-server (1 direct, 0 indirect)
Ecosystem-wide dependent count for version 9.8.0.
DescriptionCVE.org
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. From version 9.8.0 to before version 9.9.1-alpha.3, the routeAllowList server option restricts external client access to a configured list of REST API routes. The check is only enforced as Express middleware against the outer HTTP request URL, so the /batch handler dispatches each sub-request to the internal router without re-running the allow-list check. An external caller whose outer route matches batch can issue batch sub-requests to any REST API route that the operator omitted from the allow-list. Authentication, ACL, CLP, and other inner-route authorization controls still apply - only the operator-configured route firewall is bypassed. This issue has been patched in version 9.9.1-alpha.3.
AnalysisAI
Parse Server's operator-configured route firewall (routeAllowList) is bypassed in versions 9.8.0 through 9.9.1-alpha.3 when external clients POST to the /batch endpoint with sub-requests targeting routes the operator intended to block. The Express middleware enforcing the allow-list runs only against the outer HTTP request URL; the /batch handler dispatches each embedded sub-request to the internal router without re-running that check. Inner authorization controls - Parse authentication, ACL, and CLP - remain in effect, bounding actual data exposure to whatever those controls permit, but the route-level security boundary is defeated entirely. No public exploit has been identified and EPSS is 0.08%, though operators relying on routeAllowList as a primary access-control layer are directly and materially affected.
Technical ContextAI
Parse Server is an open-source Node.js backend exposing a REST API for Parse Platform clients. The routeAllowList server option acts as an operator-configured route firewall implemented as Express middleware (enforceRouteAllowList in src/middlewares.js). It intercepts incoming HTTP requests, normalizes the URL path, and compares it against the configured list before forwarding to the router. The /batch endpoint (handleBatch in src/batch.js) accepts a single POST containing an array of sub-request objects, each specifying method and path, and dispatches them sequentially to the internal router - bypassing the Express middleware layer entirely. The root cause is CWE-863 (Incorrect Authorization): the authorization check is correctly placed for direct requests but is not re-enforced at the internal dispatch point for batch sub-requests. CPE cpe:2.3:a:parse-community:parse-server:*:*:*:*:*:*:*:* covers the affected range. The fix in PR #10482 imports isRouteAllowed() into src/batch.js and calls it for each sub-request path inside handleBatch() before dispatch, rejecting the entire batch if any sub-request path fails the check. The master key intentionally bypasses the sub-request allow-list check, consistent with its privileged role.
RemediationAI
Upgrade Parse Server to version 9.9.1-alpha.3, which adds per-sub-request routeAllowList enforcement inside handleBatch() (upstream fix: https://github.com/parse-community/parse-server/pull/10482). Note that 9.9.1-alpha.3 is a pre-release; operators should evaluate production stability before deploying and monitor the parse-community repository for a stable release incorporating this fix. If immediate upgrade is not possible, remove batch from the routeAllowList to block external access to the batch endpoint entirely - this will break any client features that use batch API calls and should be weighed against the exposure. As a defense-in-depth measure regardless of upgrade status, ensure that every sensitive class and cloud function route is protected by Parse ACL, CLP, and authentication controls so that even if the route firewall is bypassed, data-level authorization remains enforced. The vendor advisory is at https://github.com/parse-community/parse-server/security/advisories/GHSA-p84r-h6rx-f2xr.
FortiOS and FortiProxy contain an authentication bypass via the Node.js websocket module allowing unauthenticated remote
Eval injection vulnerability in the internals.batch function in lib/batch.js in the bassmaster plugin before 1.5.2 for t
Flowise version 3.0.5 contains a remote code execution vulnerability in the CustomMCP node. The mcpServerConfig paramete
Node.js 8.5.0 before 8.6.0 allows remote attackers to access unintended files, because a change to ".." handling was inc
An issue was discovered in the node-serialize package 0.0.4 for Node.js. Rated critical severity (CVSS 9.8), this vulner
Directory traversal vulnerability in the st module before 0.2.5 for Node.js allows remote attackers to read arbitrary fi
Multiple SQL injection vulnerabilities in the Manage Accounts page in the AccountManagement.asmx service in the Solarwin
The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, whic
Directory traversal vulnerability in lib/app/index.js in Geddy before 13.0.8 for Node.js allows remote attackers to read
Credential-harvesting malware compromised 84 versions of 42 TanStack npm packages on 2026-05-11 via chained GitHub Actio
Eval injection vulnerability in index.js in the syntax-error package before 1.1.1 for Node.js 0.10.x, as used in IBM Rat
The HTTP server in Node.js 0.10.x before 0.10.21 and 0.8.x before 0.8.26 allows remote attackers to cause a denial of se
Same weakness CWE-863 – Incorrect Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-36537
GHSA-p84r-h6rx-f2xr