Vulnerabilities > Mongo Express Project > Mongo Express > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-03-30 CVE-2020-24391 Unspecified vulnerability in Mongo-Express Project Mongo-Express
mongo-express before 1.0.0 offers support for certain advanced syntax but implements this in an unsafe way.
network
low complexity
mongo-express-project
critical
 9.8
9.8
2019-12-24 CVE-2019-10758 Unspecified vulnerability in Mongo-Express Project Mongo-Express
mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method.
network
low complexity
mongo-express-project
critical
 9.9
9.9