CVE-2025-68150

Description

Parse Server is vulnerable to Server-Side Request Forgery (SSRF) via Instagram OAuth Adapter

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

• https://github.com/parse-community/parse-server/security/advisories/GHSA-3f5f-xgrj-97pf
• https://nvd.nist.gov/vuln/detail/CVE-2025-68150
• https://github.com/parse-community/parse-server/pull/9988
• https://github.com/parse-community/parse-server/pull/9989
• https://github.com/parse-community/parse-server