Unrated severityNVD Advisory· Published Feb 27, 2025· Updated Feb 27, 2025

MongoDB Compass may be susceptible to local privilege escalation in Windows

CVE-2025-1755

Description

MongoDB Compass may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privileges, when a crafted file is stored in C:\node_modules\. This issue affects MongoDB Compass prior to 1.42.1

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

MongoDB Inc/MongoDB Compassv5
cpe:2.3:a:mongodb:compass:1.0:*:*:*:*:*:*:*
Range: 0
HCL Software/Compassllm-fuzzy
Range: <1.42.1

Patches

Vulnerability mechanics

References

jira.mongodb.org/browse/COMPASS-9058mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000