Browse all 9 CVE security advisories affecting MONGODB. AI-powered Chinese analysis, POCs, and references for each vulnerability.
MongoDB serves as a leading NoSQL database platform primarily for storing and managing unstructured data in modern applications. Historically, it has faced vulnerabilities across multiple classes, including remote code execution, cross-site scripting, and privilege escalation, often stemming from misconfigurations or authentication flaws. The platform's default open configuration has contributed to widespread ransomware attacks through exposed instances without proper access controls. While recent CVEs show improved security practices, legacy issues like weak default credentials and insufficient input validation remain concerns. MongoDB's document-oriented architecture and horizontal scaling capabilities continue to make it popular for big data applications, though security remains dependent on proper implementation and hardening.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-11695 | Configuration may unexpectedly disable certificate validation — Rust DriverCWE-295 | 8.0 | High | 2025-10-13 |
This page lists every published CVE security advisory associated with MONGODB. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.