Filter
-Infinity
0

Trending

Last week
Last month
Last year

MongoDBMongoDB Server may crash due to improper validation of explain command

medium
6.5
EPSS
0.04%
First published (updated )
CVE-2025-3084

MongoDBMalformed MongoDB wire protocol messages may cause mongos to crash

high
7.5
EPSS
0.05%
First published (updated )
CVE-2025-3083

MongoDBUser may override a view's collation and gain unauthorized access to underlying data

low
3.1
EPSS
0.03%
First published (updated )
CVE-2025-3082

MongoDB BSONMongoDB C Driver bson library may be susceptible to buffer overflow

high
8.4
First published (updated )
CVE-2025-0755

MongoDBCSFLE and Queryable Encryption self-lookup may fail to encrypt values in subpipelines

low
3.3
First published (updated )
CVE-2024-8013

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

MongoDBMongoDB Server secondaries may crash due to forced index constraints

medium
6.5
EPSS
0.04%
First published (updated )
CVE-2024-8305

MongoDBMongoDB Server may access non-initialized region of memory leading to unexpected behaviour

medium
5
EPSS
0.04%
First published (updated )
CVE-2024-8654

MongoDBMongoDB Server binaries may load potentially insecure shared libraries from specific relative paths

medium
6.7
EPSS
0.04%
First published (updated )
CVE-2024-8207

MongoDBBackup files may be downloaded by underprivileged users in MongoDB Enterprise Server

medium
5.3
EPSS
0.05%
First published (updated )
CVE-2024-6384

MongoDBAccessing Untrusted Directory May Allow Local Privilege Escalation

high
7.8
EPSS
0.04%
First published (updated )
CVE-2024-7553

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

MongoDBMissing authorization check may lead to shard key refinement

medium
6.5
EPSS
0.05%
First published (updated )
CVE-2024-6375

Linux Kernelbcachefs: grab s_umount only if snapshotting

medium
5.5
First published (updated )
CVE-2024-26658

MongoDBMongoDB Server may allow successful untrusted connection

critical
9.8
First published (updated )
CVE-2024-1351

npm/mongodbSome MongoDB Drivers may publish events containing authentication-related data to a command listener configured by an application

high
7.5
First published (updated )
CVE-2021-32050

MongoDBCertificate validation issue in MongoDB Server running on Windows or macOS

high
7.5
First published (updated )
CVE-2023-1409

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

MongoDBMongoDB Server (mongod) may crash in response to unexpected requests

medium
6.5
First published (updated )
CVE-2022-24272

MongoDBLarge aggregation pipelines with a specific stage can crash mongod under default configuration

high
7.5
First published (updated )
CVE-2021-32040

MongoDBDenial of Service and Data Integrity vulnerability in features command

high
7.1
First published (updated )
CVE-2021-32036

MongoDBMongoDB Extension for VS Code may unexpectedly store credentials locally in clear text

medium
5.5
First published (updated )
CVE-2021-32039

MongoDBSpecific replication command with malformed oplog entries can crash secondaries

medium
6.5
First published (updated )
CVE-2021-20330

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

MongoDBUser may trigger invariant when allowed to send commands directly to shards

medium
6.5
First published (updated )
CVE-2021-32037

MongoDBServer log entry spoofing via newline injection

medium
5.3
First published (updated )
CVE-2021-20333

MongoDBSpecially crafted query may result in a denial of service of mongod

medium
6.5
First published (updated )
CVE-2021-20326

MongoDBInvariant failure when explaining a find with a UUID

medium
4.9
First published (updated )
CVE-2018-25004

MongoDBSpecially crafted regex query can cause DoS

medium
6.5
First published (updated )
CVE-2020-7929

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

MongoDBDenial of service via malformed network packet

high
7.5
First published (updated )
CVE-2019-20925

MongoDBInfinite loop in aggregation expression

medium
6.5
First published (updated )
CVE-2018-20803

MongoDBImproper neutralization of null byte leads to read overrun

medium
6.5
First published (updated )
CVE-2020-7928

MongoDBCrash while joining collections with $lookup

medium
6.5
First published (updated )
CVE-2019-2393

MongoDBCrash while handling internal Javascript exception types

medium
6.5
First published (updated )
CVE-2019-20923

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203