Vulnerabilidades em mongoosejs

1 resultado

CVE-2025-23061CRITICALMongoose before 8.9.5 can improperly use a nested $where filter with a populate() match, leading to search injection. NOTE: this issue existEPSS 7.0%