Cyber Resilience

CVE-2026-27608

Severity: Critical (updated)
Published: 25 February 2026
Modified: 26 June 2026
KEV Added: not listed
Patch: available (9.0.0-alpha.8)
CVSS v4.0 base score: 9.3
CVSS v4.0 vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS score: 0.0022 (12.4th percentile)
Risk Priority: 70 (floored blend, peak EPSS)

Summary

CVE-2026-27608 is a critical-severity Missing Authorization (CWE-862) vulnerability in Parseplatform Parse Dashboard. Its CVSS base score is 9.3 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 12.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related: it is categorised as AI Agent Protocols and Integrations, within the Protocol-Specific Risks risk domain.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).

Deeper analysis

CVE-2026-27608 is a missing authorization vulnerability (CWE-862) in Parse Dashboard, a standalone dashboard for managing Parse Server apps. It affects versions 7.3.0-alpha.42 through 9.0.0-alpha.7, specifically the AI Agent API endpoint at POST /apps/:appId/agent, which fails to enforce proper authorization checks. The issue carries a CVSS v3.1 base score of 8.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). Only dashboards with the agent configuration enabled are vulnerable.

Authenticated users scoped to specific apps can exploit the flaw by altering the app ID in the URL to access the agent endpoint of any other app. Read-only users receive the full master key rather than the read-only master key, enabling them to include write permissions in the request body and perform unauthorized write and delete operations across apps.

The fix in version 9.0.0-alpha.8 adds per-app authorization checks and server-side restrictions that limit read-only users to the readOnlyMasterKey with write permissions stripped. As a workaround, remove the agent configuration block from the dashboard setup, since dashboards lacking this config are unaffected. Details are available in the GitHub release notes at https://github.com/parse-community/parse-dashboard/releases/tag/9.0.0-alpha.8 and in the security advisory at https://github.com/parse-community/parse-dashboard/security/advisories/GHSA-cvwj-6c9h-jg6v.

This vulnerability pertains to the AI Agent API endpoint, highlighting authorization risks in AI/ML-integrated management interfaces for Parse Server deployments.

Vulnerability details

Parse Dashboard is a standalone dashboard for managing Parse Server apps. In versions 7.3.0-alpha.42 through 9.0.0-alpha.7, the AI Agent API endpoint (`POST /apps/:appId/agent`) does not enforce authorization. Authenticated users scoped to specific apps can access any other app's agent endpoint by changing the app ID in the URL. Read-only users are given the full master key instead of the read-only master key and can supply write permissions in the request body to perform write and delete operations. Only dashboards with `agent` configuration enabled are affected. The fix in version 9.0.0-alpha.8 adds per-app authorization checks and restricts read-only users to the `readOnlyMasterKey` with write permissions stripped server-side. As a workaround, remove the `agent` configuration block from your dashboard configuration. Dashboards without an `agent` config are not affected.
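As an added illustration, not Parse Dashboard's own code, the JavaScript below sketches the two server-side checks the fix describes for `POST /apps/:appId/agent`: the app in the URL must be one the user is scoped to, and read-only users receive only the `readOnlyMasterKey` with write permissions removed from the request body before it is used. The shapes of the user object, app configuration and `permissions` field are assumptions made for the example.

```javascript
// Hypothetical authorization step for POST /apps/:appId/agent, written for
// this example. It is not Parse Dashboard's implementation; the data shapes
// (user.apps, app.masterKey, app.readOnlyMasterKey, body.permissions) are assumed.

// Constructed dashboard configuration: two apps with placeholder keys.
const APPS = {
  app1: { masterKey: 'MK-app1-placeholder', readOnlyMasterKey: 'ROMK-app1-placeholder' },
  app2: { masterKey: 'MK-app2-placeholder', readOnlyMasterKey: 'ROMK-app2-placeholder' },
};

// Permissions that imply a mutation; a read-only session must never carry them.
const WRITE_PERMISSIONS = new Set(['create', 'update', 'delete']);

// Decide which key a request may use and which permissions survive.
// `user.apps` maps appId -> { readOnly: boolean } for the apps the user is scoped to.
// Returns { status, error } on rejection or { status, masterKey, permissions, stripped }.
function authorizeAgentRequest(user, appId, body, apps = APPS) {
  const app = apps[appId];
  if (!app) return { status: 404, error: 'unknown app' };

  // Per-app authorization: the :appId from the URL is checked against the
  // user's own scope, so editing the URL does not reach another app's agent.
  const scope = user && user.apps ? user.apps[appId] : undefined;
  if (!scope) return { status: 403, error: 'user is not authorized for this app' };

  const requested = body && Array.isArray(body.permissions) ? body.permissions : [];

  if (scope.readOnly) {
    // Read-only users get the read-only master key, and any write permission
    // supplied in the body is dropped server-side rather than trusted.
    const permissions = requested.filter((p) => !WRITE_PERMISSIONS.has(p));
    return {
      status: 200,
      masterKey: app.readOnlyMasterKey,
      permissions,
      stripped: requested.length - permissions.length,
    };
  }

  // Users with write access to this app keep the full key and their requested permissions.
  return { status: 200, masterKey: app.masterKey, permissions: requested, stripped: 0 };
}

// Stand-alone demonstration with a constructed read-only user scoped to app1 only.
const demoUser = { apps: { app1: { readOnly: true } } };
console.log(authorizeAgentRequest(demoUser, 'app1', { permissions: ['read', 'delete'] }));
console.log(authorizeAgentRequest(demoUser, 'app2', { permissions: ['read'] }));
```

The first call yields the read-only key with `delete` stripped; the second is refused with 403 because the user is not scoped to app2.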

CWE(s): CWE-862 Missing Authorization

AI Security Analysis

AI Category: AI Agent Protocols and Integrations
Risk Domain: Protocol-Specific Risks
OWASP Top 10 for LLMs 2025: none mapped
Classification Reason: matched keywords: ai

Related Threats

MITRE ATT&CK Enterprise Techniques

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Missing authorization on the /agent endpoint directly enables post-authentication privilege escalation (read-only users obtain full master key and perform cross-app write/delete actions).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-27595 (same product: Parseplatform Parse Dashboard)
CVE-2026-31828 (same vendor: Parseplatform)
CVE-2026-31800 (same vendor: Parseplatform)
CVE-2026-32658 (shared CWE-862)
CVE-2026-6506 (shared CWE-862)
CVE-2025-48574 (shared CWE-862)
CVE-2025-21396 (shared CWE-862)
CVE-2021-47701 (shared CWE-862)
CVE-2026-40349 (shared CWE-862)
CVE-2024-57726 (shared CWE-862)

Affected Assets

Vendor: parseplatform
Product: parse dashboard
Versions: 7.3.0, 7.4.0, 7.5.0, 7.6.0, 8.0.0

Mitigating Controls (NIST 800-53 r5)

AC-3 Access Enforcement (prevent): Enforces approved authorizations for the AI Agent API endpoint to prevent app-scoped users from accessing other apps via appId manipulation.

AC-6 Least Privilege (prevent): Applies least privilege to restrict read-only users to readOnlyMasterKey without write permissions, blocking unauthorized writes and deletes.

Flaw remediation (prevent): Remediates the specific authorization flaw by applying the patch, version 9.0.0-alpha.8, which adds per-app checks and server-side restrictions.
