Lucene search
K

4 matches found

CVE
CVE
added 2025/10/23 9:2 p.m.16 views

CVE-2025-12100

CVE-2025-12100 affects MongoDB BI Connector ODBC driver versions 1.0.0–1.4.6, due to an incorrectly set default privilege that enables local privilege escalation. The issue is documented across multiple sources (including Red Hat and OSV entries) with the same description. A fix appears in v1.4.7...

8.8CVSS6.6AI score0.00123EPSS
Exploits0References1
NVD
NVD
added 2025/10/08 10:15 p.m.7 views

CVE-2025-11535

MongoDB Connector for BI installation via MSI on Windows leaves ACLs unset on custom install directories allows Privilege Escalation.This issue affects MongoDB Connector for BI: from 2.0.0 through 2.14.24...

8.8CVSS0.00114EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/15 4:4 p.m.3 views

CVE-2025-10491 MongoDB Windows installation MSI may leave ACLs unset on custom installation directories

The MongoDB Windows installation MSI may leave ACLs unset on custom installation directories allowing a local attacker to introduce executable code to MongoDB's process via DLL hijacking. This issue affects MongoDB Server v6.0 version prior to 6.0.25, MongoDB Server v7.0 version prior to 7.0.21 a...

7.8CVSS6.5AI score0.00111EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/15 12:0 a.m.7 views

PT-2025-37717

Name of the Vulnerable Software and Affected Versions: MongoDB Server versions prior to 6.0.25 MongoDB Server versions prior to 7.0.21 MongoDB Server versions prior to 8.0.5 Description: The MongoDB Windows installation MSI may leave Access Control Lists ACLs unset on custom installation...

7.8CVSS6.4AI score0.00111EPSS
Exploits0References5
Rows per page
Query Builder