Package impact
npm / mongoose
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42334 | high | 7.5 | 7.5 | 16d ago | Mongoose's Improper Sanitization of $nor in sanitizeFilter May Allow NoSQL Injection | |||
| CVE-2025-23061 | unknown | — | — | 1y ago | Mongoose search injection vulnerability | |||
| CVE-2024-53900 | unknown | — | — | 2y ago | Mongoose search injection vulnerability | |||
| CVE-2023-3696 | unknown | — | — | 3y ago | Mongoose Prototype Pollution vulnerability | |||
| CVE-2022-24304 | unknown | — | — | 4y ago | Mongoose Vulnerable to Prototype Pollution in Schema Object | |||
| CVE-2022-2564 | unknown | — | — | 4y ago | automattic/mongoose vulnerable to Prototype pollution via Schema.path | |||
| CVE-2019-17426 | unknown | — | — | 7y ago | Improper Input Validation in Automattic Mongoose |