MongoDB Shell < 2.3.9 Control Character Injection (MONGOSH-2024, MONGOSH-2025, MONGOSH-2026)

The version of MongoDB Shell installed on the remote host is prior to 2.3.9. It is, therefore, affected by a vulnerability as referenced in the MONGOSH-2024, MONGOSH-2025, MONGOSH-2026 advisories. - The MongoDB Shell may be susceptible to control character injection where an attacker with control...

CVE-2025-1693

The MongoDB Shell may be susceptible to control character injection where an attacker with control over the database cluster contents can inject control characters into the shell output. This may result in the display of falsified messages that appear to originate from mongosh or the underlying...