CVE-2019-10758

MongoDB mongo-express Remote Code Execution Vulnerability

mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method. Vendor/Product: MongoDB mongo-express. Added to CISA KEV 2021-12-10; required action: Apply updates per vendor instructions.

Category: Vulnerability, Known Exploited

Reference: NVD CVE-2019-10758