📦 Mongosh

MongoDB Shell (mongosh) versions before 2.3.0 are vulnerable to local privilege escalation when a malicious file is placed in C:\node_modules\. This allows attackers with local access to execute arbit...

This CVE describes a control character injection vulnerability in MongoDB Shell (mongosh) where an attacker controlling a MongoDB cluster can craft malicious autocomplete suggestions. When users press...

This vulnerability allows attackers to inject malicious code into MongoDB Shell (mongosh) through clipboard manipulation. An attacker controlling the user's clipboard can paste obfuscated code contain...