Effect `AsyncLocalStorage` context lost/contaminated inside Effect fibers under concurrent load with RPC
- Severity:
- High
Description
No description available.
Recommendation
Update the effect package to the latest compatible version. Followings are version details:
- Affected version(s): < 3.20.0
- Patched version(s): 3.20.0
References
Related Issues
- Parse Server: MFA recovery code single-use bypass via concurrent requests - CVE-2026-33624
- Parse Server has a password reset token single-use bypass via concurrent requests - CVE-2026-32943
- Cloudflare Agents is Vulnerable to Reflected Cross-Site Scripting in the AI Playground's OAuth callback handler - CVE-2026-1721
- Parse Server exposes auth data via /users/me endpoint - CVE-2026-33627
- Tags:
- npm
- effect
Anything's wrong? Let us know Last updated on March 25, 2026