Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

121 matches found

RedhatCVE
RedhatCVEadded 2026/06/05 7:10 p.m.7 views

CVE-2026-8431

An administrative user with access to configure webhooks can execute arbitrary commands by configuring and then triggering webhooks containing specific FreeMarker template syntax. This issue affects all MongoDB Ops Manager 7.0 versions and MongoDB Ops Manager versions 8.0.22 and prior...

9.4CVSS5.8AI score0.00371EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/12 9:31 p.m.10 views

EUVD-2026-29749

An administrative user with access to configure webhooks can execute arbitrary commands by configuring and then triggering webhooks containing specific FreeMarker template syntax. This issue affects all MongoDB Ops Manager 7.0 versions and MongoDB Ops Manager versions 8.0.22 and prior...

9.4CVSS6AI score0.00371EPSS
Exploits0References2
NVD
NVDadded 2026/05/12 7:16 p.m.10 views

CVE-2026-8431

An administrative user with access to configure webhooks can execute arbitrary commands by configuring and then triggering webhooks containing specific FreeMarker template syntax. This issue affects all MongoDB Ops Manager 7.0 versions and MongoDB Ops Manager versions 8.0.22 and prior...

9.4CVSS0.00371EPSS
Exploits0References1
CVE
CVEadded 2026/05/12 6:37 p.m.13 views

CVE-2026-8431

MongoDB Ops Manager versions affected: 7.0 and 8.0.22 and earlier. The vulnerability arises from the Webhook feature: an administrative user who can configure webhooks can trigger arbitrary commands by including specific FreeMarker template syntax in webhook payloads. This is a remote-network, hi...

9.4CVSS6AI score0.00371EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/05/12 6:37 p.m.3 views

CVE-2026-8431

An administrative user with access to configure webhooks can execute arbitrary commands by configuring and then triggering webhooks containing specific FreeMarker template syntax. This issue affects all MongoDB Ops Manager 7.0 versions and MongoDB Ops Manager versions 8.0.22 and prior...

9.4CVSS6AI score0.00371EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2026/05/12 6:37 p.m.29 views

CVE-2026-8431 Ops Manager RCE via webhook body

An administrative user with access to configure webhooks can execute arbitrary commands by configuring and then triggering webhooks containing specific FreeMarker template syntax. This issue affects all MongoDB Ops Manager 7.0 versions and MongoDB Ops Manager versions 8.0.22 and prior...

9.4CVSS0.00371EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/05/12 12:0 a.m.11 views

PT-2026-40350

An administrative user with access to configure webhooks can execute arbitrary commands by configuring and then triggering webhooks containing specific FreeMarker template syntax. This issue affects all MongoDB Ops Manager 7.0 versions and MongoDB Ops Manager versions 8.0.22 and prior...

9.4CVSS6AI score0.00371EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/25 7:11 p.m.7 views

Security Bulletin: MongoDB Enterprised Advanced affected by: Use of Insufficiently Random Values vulnerability (CVE-2025-7783)

Summary There is 1 vulnerability in form-data-2.3.3.tgz used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-7783. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2025-7783 DESCRIPTION: Use of Insufficiently Random Values vulnerability in form-data allows HTTP...

9.4CVSS5.4AI score0.01735EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/24 10:29 p.m.6 views

Security Bulletin: MongoDB Enterprised Advanced affected by: Inefficient Regular Expression Complexity (CVE-2025-27789)

Summary There are vulnerabilities in helpers-7.21.5.tgz, helpers-7.22.6.tgz, helpers-7.25.0.tgz, runtime-7.21.0.tgz, runtime-7.22.10.tgz, runtime-7.23.2.tgz used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-27789. The vulnerabilities have been addressed. Vulnerability Details...

6.2CVSS5.4AI score0.00478EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/24 10:29 p.m.6 views

Security Bulletin: MongoDB Enterprised Advanced affected by: Allocation of Resources Without Limits or Throttling vulnerability (CVE-2025-8885)

Summary There is a vulnerability in bc-fips-1.0.2.5.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-8885. The vulnerability has/vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-8885 DESCRIPTION: Allocation of Resources Without Limits or Throttling...

6.3CVSS5.5AI score0.00505EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/24 7:15 p.m.6 views

Security Bulletin: Vulnerabilities in netty-codec-4.1.124.Final.jar, netty-codec-http-4.1.108.Final.jar, netty-codec-http2-4.1.124.Final.jar affecting MongoDB Enterprised Advanced (CVE-2025-58057)

Summary There are vulnerabilities in netty-codec-4.1.124.Final.jar, netty-codec-http-4.1.108.Final.jar, netty-codec-http2-4.1.124.Final.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-58057. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-58057...

7.5CVSS5.4AI score0.00561EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/24 7:12 p.m.11 views

Security Bulletin: Vulnerabilities in commons-codec-1.11.jar affecting MongoDB Enterprised Advanced (CVE-2020-15250, CVE-2025-48924)

Summary There are 2 vulnerabilities in commons-codec-1.11.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2020-15250, CVE-2025-48924. The vulnerabilities have been addressed. Vulnerability Details IBM X-Force ID: 177835 DESCRIPTION: Apache Commons Codec could allow a remote attack...

5.5CVSS5.6AI score0.02164EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/24 7:8 p.m.7 views

Security Bulletin: Vulnerabilities in jersey-client-3.1.0.jar affecting MongoDB Enterprised Advanced (CVE-2025-12383)

Summary There is a vulnerability in jersey-client-3.1.0.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-12383. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2025-12383 DESCRIPTION: In Eclipse Jersey versions 2.45, 3.0.16, 3.1.9 a race condition can cau...

9.4CVSS5.5AI score0.00271EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/24 7:4 p.m.8 views

Security Bulletin: Vulnerabilities in js-yaml-3.14.1.tgz, js-yaml-4.1.0.tgz affecting MongoDB Enterprised Advanced (CVE-2025-64718)

Summary There are vulnerabilities in js-yaml-3.14.1.tgz, js-yaml-4.1.0.tgz used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-64718. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-64718 DESCRIPTION: js-yaml is a JavaScript YAML parser and dumper. In...

5.3CVSS5.5AI score0.0037EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/24 7:2 p.m.8 views

Security Bulletin: Vulnerabilities in logback-core-1.5.16.jar affecting MongoDB Enterprised Advanced (CVE-2025-11226)

Summary There is a vulnerability in logback-core-1.5.16.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-11226. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2025-11226 DESCRIPTION: ACE vulnerability in conditional configuration file processing by QOS.C...

5.9CVSS6.1AI score0.00151EPSS
Exploits0Affected Software1
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2020-28857

Malware in sbrugna...

8.1CVSS6.5AI score0.01032EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2019-2976

Malware in sbrugna...

8.8CVSS7.6AI score0.01075EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2019-13421

Malware in sbrugna...

6.1CVSS5.9AI score0.00663EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.5 views

EUVD-2016-7560

Malware in sbrugna...

7.4CVSS7.5AI score0.01052EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.5 views

EUVD-2016-0938

Malware in sbrugna...

6.1CVSS6.3AI score0.00999EPSS
Exploits0References2
Rows per page
Query Builder