Threats Tagged 'cve-2026-30848'
View all threats tagged with 'cve-2026-30848'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-30848'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-30848: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in parse-community parse-serverCVE-2026-30848 0 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.8 and 9.5.0-alpha.8, the PagesRouter static file serving route is vulnerable to a path traversal attack that allows unauthenticated reading of files outside the configured pagesPath directory. The boundary check uses a string prefix comparison without enforcing a directory separator boundary. An attacker can use path traversal sequences to access files in sibling directories whose names share the same prefix as the pages directory (e.g. pages-secret starts with pages). This issue has been patched in versions 8.6.8 and 9.5.0-alpha.8. Join the discussion | CVE Database V5 | 03/07/2026, 16:20:22 UTC Added: 03/07/2026, 16:31:11 UTC |
Showing 1 to 1 of 1 result