CVE-2026-27595 in parse-dashboard
Summary
by MITRE • 02/25/2026
Parse Dashboard is a standalone dashboard for managing Parse Server apps. In versions 7.3.0-alpha.42 through 9.0.0-alpha.7, the AI Agent API endpoint (POST `/apps/:appId/agent`) has multiple security vulnerabilities that, when chained, allow unauthenticated remote attackers to perform arbitrary read and write operations against any connected Parse Server database using the master key. The agent feature is opt-in; dashboards without an agent config are not affected. The fix in version 9.0.0-alpha.8 adds authentication, CSRF validation, and per-app authorization middleware to the agent endpoint. Read-only users are restricted to the `readOnlyMasterKey` with write permissions stripped server-side. A cache key collision between master key and read-only master key was also corrected. As a workaround, remove or comment out the agent configuration block from your Parse Dashboard configuration.
Analysis
by VulDB Data Team • 02/28/2026
CVE-2026-27595 affects Parse Dashboard versions 7.3.0-alpha.42 through 9.0.0-alpha.7. The AI Agent API endpoint, POST `/apps/:appId/agent`, could be reached by unauthenticated remote attackers and, through a chain of weaknesses, used to perform arbitrary read and write operations against any Parse Server the dashboard is connected to. The agent feature is opt-in: only dashboards whose configuration contains an agent block expose the endpoint, and dashboards without one are not affected. The issue is classified as CWE-285 (Improper Authorization). Its severity comes from the credential involved rather than from any memory-safety or injection flaw: the dashboard holds each app's master key, and Parse Server's master key bypasses class-level permissions and ACLs, so a request that reaches the endpoint without a valid session is executed with full privileges over the database.
Several missing controls combine into one attack chain. The endpoint performed no authentication check, so any client that could reach the dashboard could submit agent requests. It performed no CSRF validation, so even a dashboard that sat behind a login could be driven from a malicious page open in an authenticated user's browser. It performed no per-app authorization, so a request naming any configured appId was served regardless of which apps the caller was entitled to see. The requests were then executed against Parse Server with the master key that Parse Dashboard stores in its own configuration for that app (it is the dashboard's copy of the key, not Parse Server's configuration, that is used here). No prior authentication is needed at any step. Because the master key is an all-or-nothing credential, the compromise is not limited to one class or one user's records but covers every collection of every Parse Server the dashboard is configured for. VulDB maps the issue to ATT&CK T1078 (Valid Accounts), in that the attacker ends up acting with a legitimate, highly privileged credential rather than through code execution.
The impact is full read and write access to the connected databases, not just disclosure. Read operations expose every object in every class, including user records and whatever personal data the application stores, because the master key is not subject to ACLs or class-level permissions. Write operations let the attacker create, modify or delete objects at will, so integrity and availability are at risk along with confidentiality: records can be silently altered or removed, and a bulk deletion is a denial of service against the backend. Exposure is limited to deployments that have enabled the opt-in agent feature, but for those deployments the attacker gains exactly the privileges that otherwise require an administrator holding the master key. The practical consequences are those of a complete database breach: regulatory and contractual obligations around the exposed personal data, and restoration from backups where data was changed or destroyed.
Version 9.0.0-alpha.8 puts authentication, CSRF validation and per-app authorization middleware in front of the agent endpoint, so a request must come from a logged-in dashboard user, carry a valid CSRF token, and name an app that user is permitted to access; a user of one app can no longer reach another app configured in the same dashboard. Users configured as read-only for an app are served with that app's `readOnlyMasterKey`, and any write operations in their requests are stripped server-side rather than left for the client to omit, which is the least-privilege behaviour the rest of the fix is built around. The same release corrects a cache key collision between the master key and the read-only master key, which could otherwise have led to incorrect authorization decisions. Operators should upgrade to 9.0.0-alpha.8 or later. Where that is not immediately possible, removing or commenting out the agent configuration block from the Parse Dashboard configuration removes the vulnerable endpoint entirely; this is a sound interim mitigation, but upgrading is the permanent fix. Since the attack needs only network reach to the dashboard, it is also worth confirming that the dashboard is not exposed to untrusted networks while the agent feature is enabled.
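The attack chain described above (an unauthenticated request forwarded with the app's master key) and the four controls the fix introduces, as an added JavaScript model written for this page. It is not Parse Dashboard's code: the handler names, the request shape, `makeRequest` and the two cache-key functions are assumptions made for illustration, and the cache-key pair only shows the class of collision the advisory mentions, not the project's actual cache. The configuration shape (`apps[].masterKey`, `apps[].readOnlyMasterKey`, `users[].apps[].readOnly`) follows the documented parse-dashboard configuration format; the key values are constructed samples.

```javascript
// Added example for this page: a model of the agent endpoint's authorization
// chain before and after the fix. NOT Parse Dashboard's code; handler names,
// request shape and the cache-key functions are assumed for illustration.

// Constructed dashboard configuration (sample values, not real keys).
const config = {
  apps: [
    { appId: 'app-one', masterKey: 'MK-1', readOnlyMasterKey: 'ROMK-1' },
    { appId: 'app-two', masterKey: 'MK-2', readOnlyMasterKey: 'ROMK-2' },
  ],
  users: [
    { user: 'alice', apps: [{ appId: 'app-one' }] },
    { user: 'bob', apps: [{ appId: 'app-one', readOnly: true }, { appId: 'app-two' }] },
  ],
};

// Operation types that must never be forwarded under a read-only grant.
const WRITE_OPS = new Set(['create', 'update', 'delete']);

// Constant-time string comparison so the CSRF check does not leak how many
// leading bytes matched (crypto.timingSafeEqual does the same for Buffers).
function safeEqual(a, b) {
  if (typeof a !== 'string' || typeof b !== 'string' || a.length !== b.length || a.length === 0) return false;
  let diff = 0;
  for (let i = 0; i < a.length; i++) diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
  return diff === 0;
}

// Pre-fix behaviour (7.3.0-alpha.42 .. 9.0.0-alpha.7) as modelled here: look up
// the app and forward whatever arrived using that app's master key, with no
// session, CSRF or per-app check in between.
function vulnerableAgentHandler(req, cfg) {
  const app = cfg.apps.find((a) => a.appId === req.params.appId);
  if (!app) return { status: 404 };
  return { status: 200, key: app.masterKey, ops: req.body.ops };
}

// Post-fix behaviour (9.0.0-alpha.8) as modelled here: authenticate, validate
// CSRF, authorize the user for this specific app, pick the least-privileged
// key, and strip writes for read-only users on the server side.
function hardenedAgentHandler(req, cfg) {
  if (!req.session || !req.session.user) return { status: 401, reason: 'unauthenticated' };
  if (!safeEqual(req.session.csrfToken, req.headers['x-csrf-token'])) return { status: 403, reason: 'csrf' };
  const app = cfg.apps.find((a) => a.appId === req.params.appId);
  if (!app) return { status: 404, reason: 'unknown app' };
  const userEntry = cfg.users.find((u) => u.user === req.session.user);
  const grant = userEntry && userEntry.apps.find((a) => a.appId === app.appId);
  if (!grant) return { status: 403, reason: 'not authorized for app' };
  const readOnly = grant.readOnly === true;
  const key = readOnly ? app.readOnlyMasterKey : app.masterKey;
  const ops = readOnly ? req.body.ops.filter((op) => !WRITE_OPS.has(op.type)) : req.body.ops;
  return { status: 200, key, ops, readOnly };
}

// Illustration (assumed, not the project's cache) of the collision class:
// keyed on appId alone, an entry produced with the master key and one produced
// with the read-only key share a slot; keying on the role keeps them apart.
function collidingCacheKey(appId) {
  return appId;
}
function roleAwareCacheKey(appId, readOnly) {
  return `${appId}:${readOnly ? 'readonly' : 'master'}`;
}

// Builds a request in the (assumed) shape the handlers above expect.
function makeRequest({ appId, user, csrf, ops }) {
  return {
    params: { appId },
    session: user ? { user, csrfToken: `token-for-${user}` } : null,
    headers: csrf ? { 'x-csrf-token': csrf } : {},
    body: { ops },
  };
}

// Walks the scenarios from the analysis: anonymous before/after, a read-only
// user whose delete is stripped, and a user reaching an app not granted to them.
function demo() {
  const ops = [{ type: 'find', className: '_User' }, { type: 'delete', className: '_User' }];
  const anon = makeRequest({ appId: 'app-one', ops });
  return {
    anonBefore: vulnerableAgentHandler(anon, config),
    anonAfter: hardenedAgentHandler(anon, config),
    bobReadOnly: hardenedAgentHandler(makeRequest({ appId: 'app-one', user: 'bob', csrf: 'token-for-bob', ops }), config),
    aliceWrongApp: hardenedAgentHandler(makeRequest({ appId: 'app-two', user: 'alice', csrf: 'token-for-alice', ops }), config),
  };
}
console.log(JSON.stringify(demo(), null, 1));
```

The order of the checks matters: authentication runs before CSRF so an anonymous caller learns nothing about token handling, and per-app authorization runs after both so the app lookup never executes on behalf of a caller the dashboard has not identified. Stripping write operations on the server is the point of the read-only path; filtering them in the browser would leave the same endpoint one crafted request away from the original bug.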