Filters
Software
mongodb mongodb
45
mongodb c driver
3
mongodb ops manager
3
mongodb bson
2
mongodb c\# driver
2
mongodb compass
2
mongodb js-bson
2
mongodb ops manager server
2
mongodb atlas kubernetes operator
1
mongodb c\+\+
1
mongodb database tools
1
mongodb go driver
1
mongodb java driver
1
mongodb libbson
1
mongodb libmongocrypt
1
mongodb mongo-express
1
mongodb mongodb enterprise kubernetes operator
1
mongodb mongomirror
1
mongodb node.js
1
mongodb php driver
1
mongodb pymongo
1
mongodb rust driver
1
mongodb swift driver
1
MongoDB MongoDBMongoDB Server binaries may load potentially insecure shared libraries from specific relative paths
6.7
EPSS
0.04%
First published (updated )
MongoDB MongoDBBackup files may be downloaded by underprivileged users in MongoDB Enterprise Server
5.3
EPSS
0.05%
First published (updated )
MongoDB Compassejson shell parser in MongoDB Compass maybe bypassed
9.8
EPSS
0.07%
First published (updated )
MongoDB MongoDBMissing authorization check may lead to shard key refinement
6.5
EPSS
0.05%
First published (updated )
ubuntu/pymongoOut-of-bounds read in bson module of PyMongo
8.1
EPSS
0.09%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
BleepingComputerOver 12 million auth secrets and keys leaked on GitHub in 2023
First published (updated )
News
BleepingComputerMongodb C DriverMongoDB client C Driver may infinitely loop when validating certain BSON input data
7.5
First published (updated )
MongoDB Atlas Kubernetes OperatorSecret logging may occur in debug mode of Atlas Operator
7.5
First published (updated )
Mongodb Node.jsSome MongoDB Drivers may publish events containing authentication-related data to a command listener configured by an application
7.5
First published (updated )
MongoDB MongoDBCertificate validation issue in MongoDB Server running on Windows or macOS
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Mongodb Ops Manager ServerPrivilege Escalation for Project Owner and Project User Admin Roles in Ops Manager
7.2
First published (updated )
Mongodb Ops Manager ServerMongoDB Ops Manager may disclose sensitive information in Diagnostic Archive
5.3
First published (updated )
Mongodb C\# DriverDeserializing compromised object with MongoDB .NET/C# Driver may cause remote code execution
7.2
First published (updated )
MongoDB MongoDBMongoDB Server (mongod) may crash in response to unexpected requests
6.5
First published (updated )
MongoDB MongoDBLarge aggregation pipelines with a specific stage can crash mongod under default configuration
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MongoDB MongoDBDenial of Service and Data Integrity vulnerability in features command
7.1
First published (updated )
Mongodb MongodbMongoDB Extension for VS Code may unexpectedly store credentials locally in clear text
5.5
First published (updated )
MongoDB MongoDBSpecific replication command with malformed oplog entries can crash secondaries
6.5
First published (updated )
MongoDB MongoDBUser may trigger invariant when allowed to send commands directly to shards
6.5
First published (updated )
Mongodb Rust DriverMongoDB Rust Driver may publish events containing authentication-related data to a connection pool event listener configured by an application
4.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MongoDB MongoDBServer log entry spoofing via newline injection
5.3
First published (updated )
Mongodb C\# DriverMongoDB C# Driver may publish events containing authentication-related data to a command listener configured by an application
4.9
First published (updated )
MongoDB MongoDBSpecially crafted query may result in a denial of service of mongod
6.5
First published (updated )
MongoDB Database ToolsSpecific command line parameter might result in accepting invalid certificate
6.5
First published (updated )
MongoDB CompassLocal privilege escalation in MongoDB Compass for Windows
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Mongodb Go DriverSpecific cstrings input may not be properly validated in the Go Driver
6.8
First published (updated )
MongoDB MongoDBInvariant failure when explaining a find with a UUID
4.9
First published (updated )
MongoDB MongoDBSpecially crafted regex query can cause DoS
6.5
First published (updated )
Mongodb LibmongocryptMongoDB Node.js client side field level encryption library may not be validating KMS certificate
6.8
First published (updated )
Mongodb Java DriverMongoDB Java driver client-side field level encryption not verifying KMS host name
6.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MongoDB Ops ManagerSSL may be unexpectedly disabled during upgrade of multiple-server MongoDB Ops Manager
6.7
First published (updated )
MongoDB MongoDBDenial of service via malformed network packet
7.5
First published (updated )
MongoDB Ops ManagerPotential privilege escalation in Ops Manager API
8.1
First published (updated )
MongoDB MongoDBCrash while joining collections with $lookup
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MongoDB MongoDBPost-auth queries on compound index may crash mongod
6.5
First published (updated )
MongoDB MongoDBCrash while handling internal Javascript exception types
6.5
First published (updated )
MongoDB MongoDB$mod can result in undefined behavior
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MongoDB MongoDBSpecific query can cause a DoS against MongoDB Server
6.5
First published (updated )
MongoDB MongoDBDenial of Service when processing malformed Role names
7.5
First published (updated )
MongoDB MongoDBImproper neutralization of null byte leads to read overrun
6.5
First published (updated )
MongoDB MongoDBInfinite loop in aggregation expression
6.5
First published (updated )
MongoDB MongoDBSpecific GeoQuery can cause DoS against MongoDB Server
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MongoDB Ops ManagerPotential exposure of log information in Ops Manager
5.8
First published (updated )
MongoDB MongoDBAdministrative action may disable enforcement of per-user IP whitelisting
5.3
First published (updated )
Mongodb Mongodb Enterprise Kubernetes OperatorKubernetes Operator generates potentially insecure certificates
6.5
First published (updated )
Mongodb Js-bsonJS-bson may incorrectly serialise some requests
5.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.