cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-6376,https://securityvulnerability.io/vulnerability/CVE-2024-6376,MongoDB Compass Vulnerable to Code Injection Due to Sandbox Protection Settings,"A critical security vulnerability has been discovered in MongoDB Compass, identified as CVE-2024-6376, potentially exposing systems to code injection attacks. This flaw affects versions of MongoDB Compass prior to 1.42.2 and has been assigned a CVSS score of 9.8, indicating a high severity level. The vulnerability may allow attackers to execute arbitrary code, alter control flow, and gain unauthorized control of system resources. To mitigate the risk, users and administrators are strongly advised to update MongoDB Compass to version 1.42.2 or newer immediately. It is important for organizations to prioritize this update as part of their security maintenance procedures to prevent potential attacks.",MongoDB,Mongodb Compass,9.8,CRITICAL,0.0006000000284984708,false,true,false,false,,false,false,2024-07-01T14:57:31.704Z,0
CVE-2024-3371,https://securityvulnerability.io/vulnerability/CVE-2024-3371,MongoDB Compass Vulnerability Could Lead to Data Disclosure and User Impersonation,"MongoDB Compass has a vulnerability that stems from inadequate validation of input received from untrusted external sources. This flaw can lead to unexpected application behaviors, including the potential for unauthorized data exposure and user impersonation. It is critical for users and administrators of MongoDB Compass, particularly from versions 1.35.0 to 1.42.0, to mitigate this issue promptly to protect sensitive information from being compromised.",MongoDB,Mongodb Compass,7.1,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-04-24T17:15:00.000Z,0
CVE-2021-20334,https://securityvulnerability.io/vulnerability/CVE-2021-20334,Local privilege escalation in MongoDB Compass for Windows,A malicious 3rd party with local access to the Windows machine where MongoDB Compass is installed can execute arbitrary software with the privileges of the user who is running MongoDB Compass. This issue affects: MongoDB Inc. MongoDB Compass 1.x version 1.3.0 on Windows and later versions; 1.x versions prior to 1.25.0 on Windows.,MongoDB,Mongodb Compass,4.8,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2021-04-06T00:00:00.000Z,0