A vulnerability marked as problematic has been reported in parse-community parse-server up to 8.6.75/9.9.0-alpha.1 . This impacts an unknown function of the component One-Time Password Handler . This manipulation causes race condition. This vulnerability is handled as CVE-2026-43930 . The attack can be initiated remotely. There is not any exploit available. It is suggested to upgrade the affected component.