Every CVE whose affected-product data names Mongodb Compass, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2025-1755 — CVSS 7.5 (high): MongoDB Compass may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a…
CVE-2024-3371 — CVSS 7.1 (high): MongoDB Compass may accept and use insufficiently validated input from an untrusted external source. This may cause unintended application…
CVE-2024-6376 — CVSS 7.0 (high): MongoDB Compass may be susceptible to code injection due to insufficient sandbox protection settings with the usage of ejson shell parser…
CVE-2021-20334 — CVSS 4.8 (medium): A malicious 3rd party with local access to the Windows machine where MongoDB Compass is installed can execute arbitrary software with the…