Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

MongoDB Inc. — Vulnerabilities & Security Advisories 52

Browse all 52 CVE security advisories affecting MongoDB Inc.. AI-powered Chinese analysis, POCs, and references for each vulnerability.

MongoDB Inc. develops a popular document-oriented NoSQL database designed for high-volume data storage and flexible schema management. With fifty recorded Common Vulnerabilities and Exposures (CVEs), the platform has historically faced issues ranging from remote code execution and cross-site scripting to privilege escalation flaws. These vulnerabilities often stem from improper input validation, authentication bypasses, or insecure default configurations in earlier releases. Notable incidents include critical flaws allowing unauthenticated access to administrative interfaces, highlighting risks associated with default settings in production environments. The company actively addresses these concerns through regular security patches and updates, emphasizing the importance of proper configuration and timely maintenance. While the software remains widely adopted for its scalability, the frequency of CVEs underscores the necessity for rigorous security hygiene and continuous monitoring to mitigate potential exploitation vectors in enterprise deployments.

Found 5 results / 52Clear Filters
Top products by MongoDB Inc.: MongoDB Server MongoDB Ops Manager js-bson MongoDB Enterprise Kubernetes Operator MongoDB Database Tools MongoDB Node.js Driver mongodb-client-encryption module mongo-java-driver MongoDB Go Driver MongoDB C# Driver MongoDB Rust Driver MongoDB Compass MongoDB for VS Code Server C Driver MongoDB C Driver
CVE IDTitleCVSSSeverityPublished
CVE-2023-4009 Privilege Escalation for Project Owner and Project User Admin Roles in Ops Manager — MongoDB Ops ManagerCWE-648 7.2 High2023-08-08
CVE-2023-0342 MongoDB Ops Manager may disclose sensitive information in Diagnostic Archive — MongoDB Ops ManagerCWE-497 3.1 Low2023-06-09
CVE-2021-20335 SSL may be unexpectedly disabled during upgrade of multiple-server MongoDB Ops Manager — MongoDB Ops ManagerCWE-319 6.7 Medium2021-02-11
CVE-2020-7927 Potential privilege escalation in Ops Manager API — MongoDB Ops ManagerCWE-648 8.1 High2020-11-23
CVE-2019-2388 Potential exposure of log information in Ops Manager — MongoDB Ops ManagerCWE-425 5.8 Medium2020-05-13

This page lists every published CVE security advisory associated with MongoDB Inc.. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.