CVE-2019-10758CISA KEVEPSS p99.7%

CVE-2019-10758MongoDB mongo-express Remote Code Execution Vulnerability

MongoDB / mongo-express

Description

mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method.

Scoring

EPSS84.84% probability of exploitation · percentile 99.7% · 2026-06-17T12:03:21Z

CISA KEV entry

Added to KEV: 2021-12-10

(incoming)1

TypeTargetConfidenceTier
KEVEntryMongoDB mongo-express Remote Code Execution Vulnerabilitykev-cve-2019-107580%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-9740
CVE
CVE-2025-1692
CVE
CVE-2026-9750
CVE
CVE-2025-23061
CVE
MongoDB and MongoDB Server Improper Handling of Length Parameter Inconsistency Vulnerability
CVE
CVE-2026-8053
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.