5 matches found
MongoDB Shell < 2.3.0 Control Character Injection (MONGOSH-2028)
The version of MongoDB Shell installed on the remote host is prior to 2.3.0. It is, therefore, affected by a vulnerability as referenced in the MONGOSH-2028 advisory. - mongosh may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a...
CVE-2025-1756
creationtimestamp| type| source ---|---|--- 2025-02-27 16:26:11+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5713 2025-02-27 17:02:55+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114076927570984469 2025-02-27 17:53:44+00:00| seen|...
CVE-2025-1756
mongosh may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privilege, when a crafted file is stored in C:\nodemodules. This issue affects mongosh prior to 2.3.0...
CVE-2025-1756
CVE-2025-1756 reports a local privilege escalation in mongosh when a crafted file is stored under C:\node_modules, affecting mongosh versions prior to 2.3.0. The vulnerability is described consistently across sources (NVD, MONGODB advisories, OSV, Nessus/NASL) as local, with low privileges requir...
CVE-2025-1756 MongoDB Shell may be susceptible to local privilege escalation in Windows
mongosh may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privilege, when a crafted file is stored in C:\nodemodules. This issue affects mongosh prior to 2.3.0...