MongoDB Compass 安全漏洞

MongoDB Compass is a free interactive tool provided by the American company MongoDB. It is used for querying, optimizing, and analyzing MongoDB data. There is a security vulnerability in MongoDB Compass, which stems from prototype pollution. This vulnerability may allow certain users to access...

Malicious code in mongodb-compass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fc0d8ae5a118b95da082deba58530df3356140503ebc3590069cc6ef8c6bc4d The package mongodb-compass was found to contain malicious code...

EUVD-2025-200051

Malicious code in mongodb-compass npm...

MAL-2025-191518 Malicious code in mongodb-compass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fc0d8ae5a118b95da082deba58530df3356140503ebc3590069cc6ef8c6bc4d The package mongodb-compass was found to contain malicious code...

EUVD-2025-5457

Malicious code in bioql PyPI...

EUVD-2024-31960

Malicious code in bioql PyPI...

EUVD-2021-7752

Malicious code in bioql PyPI...

EUVD-2024-47483

Malicious code in bioql PyPI...

MongoDB Compass Installed (Windows)

Binary data mongodbcompasswininstalled.nbin...

MongoDB Compass Installed (macOS)

Binary data macosmongodbcompassinstalled.nbin...

MongoDB Compass < 1.42.2 Code Injection (macOS)

The version of MongoDB Compass installed on the remote host is affected by a code injection vulnerability. MongoDB Compass may be susceptible to code injection due to insufficient sandbox protection settings with the usage of ejson shell parser in Compass' connection handling. Note that Nessus ha...

CVE-2025-1755

MongoDB Compass may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privileges, when a crafted file is stored in C:\nodemodules\. This issue affects MongoDB Compass prior to 1.42.1...

CVE-2025-1755

MongoDB Compass may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privileges, when a crafted file is stored in C:\nodemodules. This issue affects MongoDB Compass prior to 1.42.1...

CVE-2025-1755

MongoDB Compass may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privileges, when a crafted file is stored in C:\nodemodules. This issue affects MongoDB Compass prior to 1.42.1...

CVE-2025-1755

MongoDB Compass (Windows) is affected by CVE-2025-1755: a local privilege escalation vulnerability when a crafted file is stored in C:\node_modules, affecting versions prior to 1.42.1. The condition described enables elevated-privilege actions on the user’s system. Several connected sources (incl...

CVE-2025-1755 MongoDB Compass may be susceptible to local privilege escalation in Windows

MongoDB Compass may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privileges, when a crafted file is stored in C:\nodemodules. This issue affects MongoDB Compass prior to 1.42.1...

CVE-2025-1755 MongoDB Compass may be susceptible to local privilege escalation in Windows

MongoDB Compass may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privileges, when a crafted file is stored in C:\nodemodules. This issue affects MongoDB Compass prior to 1.42.1...

MongoDB Compass may be susceptible to local privilege escalation in Windows

MongoDB Compass may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privileges, when a crafted file is stored in C:\nodemodules. This issue affects MongoDB Compass prior to 1.42.1...

PT-2025-8960 · Mongodb · Mongodb Compass

Name of the Vulnerable Software and Affected Versions: MongoDB Compass versions prior to 1.42.1 Description: The issue may allow local privilege escalation under certain conditions, potentially enabling unauthorized actions on a user's system with elevated privileges. This can occur when a crafte...

MongoDB Compass 代码问题漏洞

MongoDB Compass is a free interactive tool from MongoDB, Inc. for querying, optimizing, and analyzing MongoDB data. A code issue vulnerability exists in MongoDB Compass versions prior to 1.42.1 that stems from local elevation of privilege...