Known Vulnerabilities for Mongoose by Mongoosejs
Listed below are 5 of the newest known vulnerabilities associated with "Mongoose" by "Mongoosejs".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-42334 json | Mongoose is a MongoDB object modeling tool designed to work in an asynchronous environment. Prior to 6.13.9, 7.8.9, 8.22.1, a... | Not Provided | 2026-05-14 | 2026-05-14 |
| CVE-2026-6986 json | A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This issue affects the function mg_aes_gcm_decrypt... | Not Provided | 2026-04-25 | 2026-04-27 |
| CVE-2026-6985 json | A weakness has been identified in Cesanta Mongoose up to 7.20. This vulnerability affects the function handle_opt of the file... | Not Provided | 2026-04-25 | 2026-04-27 |
| CVE-2026-5246 json | A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mg_tls_verify_cert_signature of the f... | Not Provided | 2026-04-02 | 2026-04-02 |
| CVE-2026-5245 json | A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function handle_mdns_record of the file mongoose.c... | Not Provided | 2026-04-02 | 2026-04-02 |
| CVE-2026-5244 json | A vulnerability has been found in Cesanta Mongoose up to 7.20. This affects the function mg_tls_recv_cert of the file mongoos... | Not Provided | 2026-04-02 | 2026-04-02 |
| CVE-2023-3696 json | Prototype Pollution in GitHub repository automattic/mongoose prior to 7.3.4. | 9.8 - CRITICAL | 2023-07-17 | 2023-08-02 |
| CVE-2022-24304 json | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-2564. Reason: This candidate is a duplicate of CVE-2022-2... | Not Provided | 2022-08-26 | 2023-11-07 |
| CVE-2022-2564 json | Prototype Pollution in GitHub repository automattic/mongoose prior to 6.4.6. | 9.8 - CRITICAL | 2022-07-28 | 2024-03-12 |
| CVE-2019-17426 json | Automattic Mongoose through 5.7.4 allows attackers to bypass access control (in some applications) because any query object w... | 9.1 - CRITICAL | 2019-10-10 | 2021-07-21 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Mongoosejs | Mongoose | 5.7.4 | |||
| Application | Mongoosejs | Mongoose | 5.7.3 | |||
| Application | Mongoosejs | Mongoose | 5.7.2 | |||
| Application | Mongoosejs | Mongoose | 5.7.1 | |||
| Application | Mongoosejs | Mongoose | 5.7.0 | |||
| Application | Mongoosejs | Mongoose | 5.6.9 | |||
| Application | Mongoosejs | Mongoose | 5.6.8 | |||
| Application | Mongoosejs | Mongoose | 5.6.7 | |||
| Application | Mongoosejs | Mongoose | 5.6.6 | |||
| Application | Mongoosejs | Mongoose | 5.6.5 | |||
| Application | Mongoosejs | Mongoose | 5.6.4 | |||
| Application | Mongoosejs | Mongoose | 5.6.3 | |||
| Application | Mongoosejs | Mongoose | 5.6.2 | |||
| Application | Mongoosejs | Mongoose | 5.6.13 | |||
| Application | Mongoosejs | Mongoose | 5.6.12 | |||
| Application | Mongoosejs | Mongoose | 5.6.11 | |||
| Application | Mongoosejs | Mongoose | 5.6.10 | |||
| Application | Mongoosejs | Mongoose | 5.6.1 | |||
| Application | Mongoosejs | Mongoose | 5.6.0 | |||
| Application | Mongoosejs | Mongoose | 5.5.9 |