| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-6713 | MongoDB Server may be susceptible to privilege escalation due to $mergeCursors stage | MongoDB Inc | MongoDB Server | High | 7.7 | 2025-07-07 14:46:36 | Deep Dive |
| CVE-2025-6712 | MongoDB Server may be susceptible to DoS due to Accumulated Memory Allocation | MongoDB Inc | MongoDB Server | Medium | 6.5 | 2025-07-07 14:44:38 | Deep Dive |
| CVE-2025-6711 | Incomplete Redaction of Sensitive Information in MongoDB Server Logs | MongoDB Inc | MongoDB Server | Medium | 4.4 | 2025-07-07 14:42:17 | Deep Dive |
| CVE-2025-6710 | Pre-authentication Denial of Service Stack Overflow Vulnerability in JSON Parsing via Excessive Recursion in MongoDB | MongoDB Inc | MongoDB Server | High | 7.5 | 2025-06-26 14:09:30 | Deep Dive |
| CVE-2025-6709 | Pre-Authentication Denial of Service Vulnerability in MongoDB Server's OIDC Authentication | MongoDB Inc | MongoDB Server | High | 7.5 | 2025-06-26 14:07:05 | Deep Dive |
| CVE-2025-6707 | Race condition in privilege cache invalidation cycle | MongoDB Inc | MongoDB Server | Medium | 4.2 | 2025-06-26 14:04:46 | Deep Dive |
| CVE-2025-6706 | Running certain aggregation operations with the SBE engine may lead to unexpected behavior on MongoDB Server | MongoDB Inc | MongoDB Server | Medium | 5.0 | 2025-06-26 14:00:23 | Deep Dive |
| CVE-2025-40906 | BSON::XS versions 0.8.4 and earlier for Perl includes a bundled libbson 1.1.7, which has several vulnerabilities | MONGODB | BSON::XS | - | - | 2025-05-16 15:15:50 | Deep Dive |
| CVE-2025-3085 | MongoDB Server running on Linux may allow unexpected connections where intermediate certificates are revoked | MongoDB Inc | MongoDB Server | High | 8.1 | 2025-04-01 12:05:05 | Deep Dive |
| CVE-2025-3084 | MongoDB Server may crash due to improper validation of explain command | MongoDB Inc | MongoDB Server | Medium | 6.5 | 2025-04-01 11:14:20 | Deep Dive |
| CVE-2025-3083 | Malformed MongoDB wire protocol messages may cause mongos to crash | MongoDB Inc | MongoDB Server | High | 7.5 | 2025-04-01 11:12:31 | Deep Dive |
| CVE-2025-3082 | User may override a view's collation and gain unauthorized access to underlying data | MongoDB Inc | MongoDB Server | Low | 3.1 | 2025-04-01 11:08:07 | Deep Dive |
| CVE-2025-0755 | MongoDB C Driver bson library may be susceptible to buffer overflow | MongoDB Inc | libbson | High | 8.4 | 2025-03-18 09:01:05 | Deep Dive |
| CVE-2025-1756 | MongoDB Shell may be susceptible to local privilege escalation in Windows | MongoDB Inc | mongosh | High | 7.5 | 2025-02-27 15:28:12 | Deep Dive |
| CVE-2025-1755 | MongoDB Compass may be susceptible to local privilege escalation in Windows | MongoDB Inc | MongoDB Compass | High | 7.5 | 2025-02-27 15:24:07 | Deep Dive |
| CVE-2025-1693 | MongoDB Shell may be susceptible to control character Injection via shell output | MongoDB Inc | mongosh | Low | 3.9 | 2025-02-27 12:39:38 | Deep Dive |
| CVE-2025-1692 | MongoDB Shell may be susceptible to control character injection via pasting | MongoDB Inc | mongosh | Medium | 6.3 | 2025-02-27 12:37:00 | Deep Dive |
| CVE-2025-1691 | MongoDB Shell may be susceptible to Control Character Injection via autocomplete | MongoDB Inc | mongosh | High | 7.6 | 2025-02-27 12:34:03 | Deep Dive |
| CVE-2024-10921 | Improper neutralization of null bytes may lead to buffer over-reads in MongoDB Server | MongoDB Inc | MongoDB Server | Medium | 6.8 | 2024-11-14 16:04:04 | Deep Dive |
| CVE-2024-8013 | CSFLE and Queryable Encryption self-lookup may fail to encrypt values in subpipelines | MongoDB Inc | mongocryptd | Low | 2.2 | 2024-10-28 12:58:05 | Deep Dive |