Vulnerabilities > Mongo Express Project > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-30 | CVE-2020-24391 | Unspecified vulnerability in Mongo-Express Project Mongo-Express mongo-express before 1.0.0 offers support for certain advanced syntax but implements this in an unsafe way. | 9.8 |
| 2019-12-24 | CVE-2019-10758 | Unspecified vulnerability in Mongo-Express Project Mongo-Express mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method. | 9.9 |