MongoDB Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by mongodb
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Improper Authentication in MongoDB Server on Linux with TLS Configuration
CVE-2025-3085MongoDBMongodb Server8.1HIGHDenial of Service Vulnerability in MongoDB by MongoDB, Inc.
CVE-2025-3083MongoDBMongodb Server7.5HIGHBuffer Overflow Vulnerability in MongoDB C Driver - MongoDB
CVE-2025-0755MongoDBLibbson8.4HIGHLocal Privilege Escalation Vulnerability in MongoDB Shell by MongoDB
CVE-2025-1756MongoDBMongosh7.5HIGHLocal Privilege Escalation Vulnerability in MongoDB Compass by MongoDB
CVE-2025-1755MongoDBMongodb Compass7.5HIGHControl Character Injection Vulnerability in MongoDB Shell by MongoDB
CVE-2025-1691MongoDBMongosh7.6HIGHLocal Privilege Escalation Vulnerability Affects MongoDB Servers
CVE-2024-7553MongoDBMongodb7.8HIGHMongoDB Compass Vulnerable to Code Injection Due to Sandbox Protection Settings
CVE-2024-6376MongoDBMongodb Compassπ°9.8CRITICALMongoDB Server Vulnerability: Improper Metadata Validation May Cause Server Unavailability
CVE-2024-3372MongoDBMongodb Server7.5HIGHTLS Certificate Validation Bypass Vulnerability Affects MongoDB Server Versions Prior to 7.0.5, 6.0.13, 5.0.24, and 4.4.28
CVE-2024-1351MongoDBMongodb Server9.8CRITICALMongoDB client C Driver may infinitely loop when validating certain BSON input data
CVE-2023-0437MongoDBMongodb C Driver7.5HIGHSecret logging may occur in debug mode of Atlas Operator
CVE-2023-0436MongoDBMongoDB Atlas Kubernet...7.5HIGHSome MongoDB Drivers may publish events containing authentication-related data to a command listener configured by an application
CVE-2021-32050MongoDBMongodb C Driver7.5HIGHCertificate validation issue in MongoDB Server running on Windows or macOS
CVE-2023-1409MongoDBMongodb Server7.5HIGHPrivilege Escalation for Project Owner and Project User Admin Roles in Ops Manager
CVE-2023-4009MongoDBMongodb Ops Manager7.2HIGHLarge aggregation pipelines with a specific stage can crash mongod under default configuration
CVE-2021-32040MongoDBMongodb Server7.5HIGHDenial of service via malformed network packet
CVE-2019-20925MongoDBMongodb Server7.5HIGHDenial of Service when processing malformed Role names
CVE-2020-7925MongoDBMongodb Server7.5HIGHDeserialization Vulnerability in BSON Package Affecting Multiple Applications
CVE-2020-7610MongodbBson9.8CRITICALDenial of Service Vulnerability in MongoDB BSON Ruby by Moped
CVE-2015-4411MongodbBson7.5HIGHImproper File Creation Vulnerability in OpenShift MongoDB Cartridge
CVE-2013-0165Openshift Mongodb...Openshift Mongodb Cart...7.3HIGHCode execution on Windows via OpenSSL engine injection
CVE-2019-2390MongoDBMongodb Server8.2HIGHAuthorization session conflation
CVE-2019-2386MongoDBMongodb Server7.1HIGHAuthentication bypass when using LDAP authentication in MongoDB Enterprise Server
CVE-2015-7882MongodbMongodb8.1HIGHHeap-Based Buffer Over-Read Vulnerability in MongoDB Driver
CVE-2018-16790MongodbLibbson8.1HIGH