Cyber Resilience

CVE-2026-27595

CriticalUpdated

Published: 25 February 2026

Published
25 February 2026
Modified
26 June 2026
KEV Added
Patch
CVSS Score v4 9.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0045 35.8th percentile
Risk Priority 70 floored blend · peak EPSS

Summary

CVE-2026-27595 is a critical-severity Missing Authentication for Critical Function (CWE-306) vulnerability in Parseplatform Parse Dashboard. Its CVSS base score is 9.9 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 35.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related — categorised as AI Agent Protocols and Integrations; in the Protocol-Specific Risks risk domain.

The strongest mitigations our analysis identified are NIST 800-53 AC-14 (Permitted Actions Without Identification or Authentication) and AC-3 (Access Enforcement).

Deeper analysis

CVE-2026-27595 is a vulnerability in Parse Dashboard, a standalone dashboard for managing Parse Server apps, affecting versions 7.3.0-alpha.42 through 9.0.0-alpha.7. It stems from multiple security issues in the AI Agent API endpoint (POST `/apps/:appId/agent`), which can be chained to allow unauthenticated remote attackers to perform arbitrary read and write operations against any connected Parse Server database using the master key. The agent feature is opt-in, meaning dashboards without an agent configuration are not affected. The issue is classified under CWE-306 (Missing Authentication for Critical Function) with a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).

Unauthenticated remote attackers can exploit the chained vulnerabilities by sending requests to the exposed agent endpoint, bypassing authentication and gaining full master key privileges. This enables complete read and write access to databases across any connected Parse Server instances managed by the dashboard, potentially leading to data exfiltration, modification, or deletion without requiring user interaction or privileges.

Mitigation is available in Parse Dashboard version 9.0.0-alpha.8, which adds authentication, CSRF validation, and per-app authorization middleware to the agent endpoint. It further restricts read-only users to the `readOnlyMasterKey` with write permissions stripped server-side and corrects a cache key collision between the master key and read-only master key. As a workaround, remove or comment out the agent configuration block from the Parse Dashboard configuration. Details are provided in the GitHub release notes (https://github.com/parse-community/parse-dashboard/releases/tag/9.0.0-alpha.8) and security advisory (https://github.com/parse-community/parse-dashboard/security/advisories/GHSA-qwc3-h9mg-4582).

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

Parse Dashboard is a standalone dashboard for managing Parse Server apps. In versions 7.3.0-alpha.42 through 9.0.0-alpha.7, the AI Agent API endpoint (POST `/apps/:appId/agent`) has multiple security vulnerabilities that, when chained, allow unauthenticated remote attackers to perform arbitrary read and write…

more

operations against any connected Parse Server database using the master key. The agent feature is opt-in; dashboards without an agent config are not affected. The fix in version 9.0.0-alpha.8 adds authentication, CSRF validation, and per-app authorization middleware to the agent endpoint. Read-only users are restricted to the `readOnlyMasterKey` with write permissions stripped server-side. A cache key collision between master key and read-only master key was also corrected. As a workaround, remove or comment out the agent configuration block from your Parse Dashboard configuration.

CWE(s)

AI Security AnalysisAI

AI Category
AI Agent Protocols and Integrations
Risk Domain
Protocol-Specific Risks
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Matched keywords: ai

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Unauthenticated remote exploitation of missing authentication (CWE-306) in exposed AI Agent API endpoint of public-facing Parse Dashboard, enabling arbitrary DB read/write via master key.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-27608Same product: Parseplatform Parse Dashboard
CVE-2026-32594Same vendor: Parseplatform
CVE-2026-32211Shared CWE-306
CVE-2026-34532Same vendor: Parseplatform
CVE-2026-30967Same vendor: Parseplatform
CVE-2026-34784Same vendor: Parseplatform
CVE-2026-30947Same vendor: Parseplatform
CVE-2026-31871Same vendor: Parseplatform
CVE-2026-32098Same vendor: Parseplatform
CVE-2026-33032Shared CWE-306

Affected Assets

parseplatform
parse dashboard
7.3.0, 7.4.0, 7.5.0, 7.6.0, 8.0.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly prohibits critical actions like arbitrary database read/write operations via the unauthenticated AI Agent API endpoint.

prevent

Enforces access control policies to prevent unauthenticated chaining of vulnerabilities granting master key privileges to Parse Server databases.

prevent

Limits privileges to mitigate full master key access, aligning with server-side write restrictions for read-only users and cache collision fixes.

References