Cybersecurity Alerts

Actively Exploited Vulnerabilities

← Back to Cybersecurity Alerts

CVE-2019-10758

MongoDB | mongo-expressAdded 2021-12-10Remediation Deadline 2022-06-10

MongoDB mongo-express Remote Code Execution Vulnerability

mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method.

Required Action

Apply updates per vendor instructions.

References