MongoDB Compass
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in MongoDB Compass.
By the Year
In 2025 there have been 0 vulnerabilities in MongoDB Compass. Last year, in 2024 Compass had 2 security vulnerabilities published. Right now, Compass is on track to have less security vulnerabilities in 2025 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 2 | 8.30 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Compass vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent MongoDB Compass Security Vulnerabilities
MongoDB Compass may be susceptible to code injection due to insufficient sandbox protection settings with the usage of ejson shell parser in Compass' connection handling
CVE-2024-6376
9.8 - Critical
- July 01, 2024
MongoDB Compass may be susceptible to code injection due to insufficient sandbox protection settings with the usage of ejson shell parser in Compass' connection handling. This issue affects MongoDB Compass versions prior to version 1.42.2
Code Injection
MongoDB Compass may accept and use insufficiently validated input from an untrusted external source
CVE-2024-3371
6.8 - Medium
- April 24, 2024
MongoDB Compass may accept and use insufficiently validated input from an untrusted external source. This may cause unintended application behavior, including data disclosure and enabling attackers to impersonate users. This issue affects MongoDB Compass versions 1.35.0 to 1.42.0.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for MongoDB Compass or by MongoDB? Click the Watch button to subscribe.
