THREATOPS
THREAT OPSCVEs › CVE-2019-10758

CVE-2019-10758 — MongoDB mongo-express Remote Code Execution Vulnerability

CISA KEVExploited: confirmedMongoDB

mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method.

Vulnerability details