CVE-2026-32742 | parse-community parse-server up to 8.6.41/9.6.0-alpha.16 Session Creation Endpoint dynamically-determined object attributes (GHSA-5v7g-9h8f-8pgg)

A vulnerability was found in parse-community parse-server up to 8.6.41/9.6.0-alpha.16 and classified as problematic. This affects an unknown part of the component Session Creation Endpoint. Executing a manipulation can lead to dynamically-determined object attributes.

This vulnerability appears as CVE-2026-32742. The attack may be performed from remote. There is no available exploit.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More