MongoDB (mongo-express) Data Breach

MongoDB (mongo-express) experienced a data breach that was reported on December 10, 2021. mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method.

Key Facts

Organization: MongoDB (mongo-express)
Date Reported: December 10, 2021
Incident Type: web app exploit
Industry: Technology
Severity Score: 5/10
Confidence Level: high
Tags: web app exploit

Source

View original source - External link to primary source documentation

Understanding web app exploit Incidents

Web application exploits target vulnerabilities in websites and APIs. Secure development practices, WAFs, and penetration testing protect against these attacks.

MongoDB (mongo-express) Data Breach

Key Facts

Source

Understanding web app exploit Incidents

Explore Related Data