CVE-2025-23061 Blast Radius

CRITICAL • CVSS 9Mongoose before 8.9.5 can improperly use a nested $where filter with a populate() match, leading to search injection. NOTE: this issue exists because …

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2025-23061.

Start Free Scan →← Back to CVE-2025-23061