MongoDB Compass
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in MongoDB Compass.
By the Year
In 2026 there have been 0 vulnerabilities in MongoDB Compass. Compass did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 2 | 8.30 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 4.80 |
It may take a day or so for new Compass vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent MongoDB Compass Security Vulnerabilities
MongoDB Compass Code Injection via EJSON Shell Parser Before 1.42.2
CVE-2024-6376
9.8 - Critical
- July 01, 2024
MongoDB Compass may be susceptible to code injection due to insufficient sandbox protection settings with the usage of ejson shell parser in Compass' connection handling. This issue affects MongoDB Compass versions prior to version 1.42.2
Code Injection
MongoDB Compass 1.42.0 Unvalidated Input Data Disclosure
CVE-2024-3371
6.8 - Medium
- April 24, 2024
MongoDB Compass may accept and use insufficiently validated input from an untrusted external source. This may cause unintended application behavior, including data disclosure and enabling attackers to impersonate users. This issue affects MongoDB Compass versions 1.35.0 to 1.42.0.
A malicious 3rd party with local access to the Windows machine where MongoDB Compass is installed
CVE-2021-20334
4.8 - Medium
- April 06, 2021
A malicious 3rd party with local access to the Windows machine where MongoDB Compass is installed can execute arbitrary software with the privileges of the user who is running MongoDB Compass. This issue affects: MongoDB Inc. MongoDB Compass 1.x version 1.3.0 on Windows and later versions; 1.x versions prior to 1.25.0 on Windows.
Improper Privilege Management
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for MongoDB Compass or by MongoDB? Click the Watch button to subscribe.
