Vulnerability Details CVE-2025-1755
MongoDB Compass may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privileges, when a crafted file is stored in C:\node_modules\. This issue affects MongoDB Compass prior to 1.42.1
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.4%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2025-1755
-
cpe:2.3:a:mongodb:compass:-
-
cpe:2.3:a:mongodb:compass:1.10.0
-
cpe:2.3:a:mongodb:compass:1.11.0
-
cpe:2.3:a:mongodb:compass:1.12.0
-
cpe:2.3:a:mongodb:compass:1.13.0
-
cpe:2.3:a:mongodb:compass:1.14.0
-
cpe:2.3:a:mongodb:compass:1.15.0
-
cpe:2.3:a:mongodb:compass:1.16.0
-
cpe:2.3:a:mongodb:compass:1.17.0
-
cpe:2.3:a:mongodb:compass:1.18.0
-
cpe:2.3:a:mongodb:compass:1.19.0
-
cpe:2.3:a:mongodb:compass:1.20.0
-
cpe:2.3:a:mongodb:compass:1.21.0
-
cpe:2.3:a:mongodb:compass:1.22.0
-
cpe:2.3:a:mongodb:compass:1.23.0
-
cpe:2.3:a:mongodb:compass:1.24.1
-
cpe:2.3:a:mongodb:compass:1.25.0
-
cpe:2.3:a:mongodb:compass:1.26.0
-
cpe:2.3:a:mongodb:compass:1.26.1
-
cpe:2.3:a:mongodb:compass:1.28.1
-
cpe:2.3:a:mongodb:compass:1.28.4
-
cpe:2.3:a:mongodb:compass:1.29.4
-
cpe:2.3:a:mongodb:compass:1.29.5
-
cpe:2.3:a:mongodb:compass:1.29.6
-
cpe:2.3:a:mongodb:compass:1.3.0
-
cpe:2.3:a:mongodb:compass:1.30.1
-
cpe:2.3:a:mongodb:compass:1.31.0
-
cpe:2.3:a:mongodb:compass:1.31.1
-
cpe:2.3:a:mongodb:compass:1.31.2
-
cpe:2.3:a:mongodb:compass:1.31.3
-
cpe:2.3:a:mongodb:compass:1.32.0
-
cpe:2.3:a:mongodb:compass:1.32.1
-
cpe:2.3:a:mongodb:compass:1.32.2
-
cpe:2.3:a:mongodb:compass:1.32.3
-
cpe:2.3:a:mongodb:compass:1.33.0
-
cpe:2.3:a:mongodb:compass:1.33.1
-
cpe:2.3:a:mongodb:compass:1.34.1
-
cpe:2.3:a:mongodb:compass:1.34.2
-
cpe:2.3:a:mongodb:compass:1.35.0
-
cpe:2.3:a:mongodb:compass:1.36.0
-
cpe:2.3:a:mongodb:compass:1.36.2
-
cpe:2.3:a:mongodb:compass:1.36.3
-
cpe:2.3:a:mongodb:compass:1.36.4
-
cpe:2.3:a:mongodb:compass:1.37.0
-
cpe:2.3:a:mongodb:compass:1.38.0
-
cpe:2.3:a:mongodb:compass:1.38.1
-
cpe:2.3:a:mongodb:compass:1.38.2
-
cpe:2.3:a:mongodb:compass:1.39.0
-
cpe:2.3:a:mongodb:compass:1.39.1
-
cpe:2.3:a:mongodb:compass:1.39.2
-
cpe:2.3:a:mongodb:compass:1.39.3
-
cpe:2.3:a:mongodb:compass:1.39.4
-
cpe:2.3:a:mongodb:compass:1.4.0
-
cpe:2.3:a:mongodb:compass:1.40.0
-
cpe:2.3:a:mongodb:compass:1.40.1
-
cpe:2.3:a:mongodb:compass:1.40.2
-
cpe:2.3:a:mongodb:compass:1.40.3
-
cpe:2.3:a:mongodb:compass:1.40.4
-
cpe:2.3:a:mongodb:compass:1.41.0
-
cpe:2.3:a:mongodb:compass:1.42.0
-
cpe:2.3:a:mongodb:compass:1.5.0
-
cpe:2.3:a:mongodb:compass:1.6.0
-
cpe:2.3:a:mongodb:compass:1.7.0
-
cpe:2.3:a:mongodb:compass:1.8.0
-
cpe:2.3:a:mongodb:compass:1.9.0
-
cpe:2.3:o:microsoft:windows:-
-
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64
-
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x
-
Redhat » Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions » Version: 9.0_ppc64lecpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.0_ppc64le
-
cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.0