pkg:npm/mongoose

All known vulnerabilities

• CRITICAL10.0CVE-2023-3696Prototype Pollution in automattic/mongoose
  >= 7.0.0, < 7.3.3
• CRITICAL9.8CVE-2024-53900Mongoose search injection vulnerability
  >= 8.0.0-rc0, < 8.8.3
• CRITICAL9.8CVE-2022-24304Mongoose Vulnerable to Prototype Pollution in Schema Object
  >= 6.0.0, < 6.4.6
• CRITICAL9.1CVE-2019-17426Improper Input Validation in Automattic Mongoose
  >= 5.0.0, < 5.7.5
• CRITICAL9.0CVE-2025-23061Mongoose search injection vulnerability
  >= 8.0.0-rc0, < 8.9.5
• HIGH7.5CVE-2026-42334Mongoose's Improper Sanitization of $nor in sanitizeFilter May Allow NoSQL Injection
  from 0, < 6.13.9
• HIGH7.0CVE-2022-2564Prototype Pollution in automattic/mongoose
  >= 6.0.0, < 6.4.6