VYPR
Critical severityCISA KEVNVD Advisory· Published Dec 24, 2019· Updated Oct 21, 2025

CVE-2019-10758

CVE-2019-10758

Description

mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the toBSON method. A misuse of the vm dependency to perform exec commands in a non-safe environment.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
mongo-expressnpm
< 0.54.00.54.0

Affected products

2

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.