Skip to main content

MongoDB Compass CVE-2026-9101

| EUVDEUVD-2026-31127 MEDIUM
Improperly Controlled Modification of Object Prototype Attributes (Prototype Pollution) (CWE-1321)
2026-05-20 mongodb GHSA-hwpv-w8h7-v7qm
5.3
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
5.3 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
P
Scope
X

Lifecycle Timeline

2
Analysis Generated
May 20, 2026 - 17:32 vuln.today
CVSS changed
May 20, 2026 - 17:22 NVD
4.3 (MEDIUM) 5.3 (MEDIUM)

DescriptionCVE.org

Prototype pollution in csv parsing logic during import can lead to untrusted file paths (but not arguments) entering shell.openExternal after specific user behavior leading to "1-click" command execution.

AnalysisAI

Prototype pollution in MongoDB Compass's CSV import parsing logic creates a '1-click' command execution path across versions 1.36.x through 1.49.5. A crafted CSV file can pollute JavaScript object prototypes during the import workflow, causing untrusted file paths to reach Electron's shell.openExternal() API and be executed by the operating system's default handler. No public exploit code has been identified and this CVE is absent from CISA KEV, but the passive user-interaction requirement - simply importing a CSV as part of routine database work - makes targeted social engineering a credible delivery vector in data-heavy environments.

Technical ContextAI

MongoDB Compass is an Electron-based desktop GUI for MongoDB, running Node.js inside a Chromium shell. The root cause is CWE-1321 (Improperly Controlled Modification of Object Prototype Attributes - Prototype Pollution): the CSV parsing logic during the data import workflow fails to sanitize column keys such as __proto__ or constructor.prototype, allowing an attacker-controlled CSV to inject properties onto the global JavaScript Object prototype. Downstream code paths that rely on inherited prototype properties can then reference attacker-supplied values. Specifically, the polluted prototype causes untrusted file paths - but explicitly not command-line arguments, per the description - to flow into Electron's shell.openExternal() function. In Electron, shell.openExternal() delegates execution to the host OS default protocol or file handler, meaning a polluted path could cause the OS to open a local script, binary, or custom-protocol URI. The CPE entry cpe:2.3:a:mongodb,_inc.:compass:*:*:*:*:*:*:*:* covers all versions in the confirmed affected range.

RemediationAI

No specific patched version has been confirmed in the available data; the vendor tracking reference MongoDB Jira COMPASS-10657 (https://jira.mongodb.org/browse/COMPASS-10657) should be monitored for a confirmed fix release and upgrade instructions. Until a patch is confirmed, the most targeted compensating control is restricting CSV imports in Compass to files sourced exclusively from internally controlled, trusted systems - specifically prohibiting imports of CSV files received via email attachments, external file shares, or user-submitted uploads, as these are the primary social-engineering delivery channels. Organizations deploying Compass in high-risk environments can additionally enforce endpoint policies that limit which applications shell.openExternal() can invoke, reducing the blast radius if the path-injection does occur. Note that fully disabling the CSV import feature would eliminate the attack surface entirely but removes a core Compass capability; this trade-off should be weighed against the threat model. Do not rely on network-layer controls alone - the vulnerability is triggered locally by user interaction with a file, not by a network request to Compass.

CVE-2026-34621 HIGH POC
8.6 Apr 11

Prototype pollution in Adobe Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier enables arbitrary code execu

CVE-2024-56059 CRITICAL
9.8 Dec 18

Prototype pollution in the farinspace Partners WordPress plugin (versions up to and including 0.2.0) enables remote unau

CVE-2020-28271 CRITICAL POC
9.8 Nov 12

Prototype pollution vulnerability in 'deephas' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service

CVE-2023-38894 CRITICAL POC
9.8 Aug 16

A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code vi

CVE-2024-24292 CRITICAL POC
9.8 Mar 28

A Prototype Pollution issue in Aliconnect /sdk v.0.0.6 allows an attacker to execute arbitrary code via the aim function

CVE-2023-26121 CRITICAL POC
10.0 Apr 11

All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper s

CVE-2021-23449 CRITICAL POC
10.0 Oct 18

This affects the package vm2 before 3.9.4 via a Prototype Pollution attack vector, which can lead to execution of arbitr

CVE-2024-39011 CRITICAL POC
9.8 Jul 30

Prototype Pollution in chargeover redoc v2.0.9-rc.69 allows attackers to execute arbitrary code or cause a Denial of Ser

CVE-2024-38988 CRITICAL POC
9.8 Mar 28

alizeait unflatto <= 1.0.2 was discovered to contain a prototype pollution via the method exports.unflatto at /dist/inde

CVE-2025-57347 CRITICAL POC
9.8 Sep 24

A vulnerability exists in the 'dagre-d3-es' Node.js package version 7.0.9, specifically within the 'bk' module's addConf

CVE-2025-57321 CRITICAL POC
9.8 Sep 24

A Prototype Pollution vulnerability in the util-deps.addFileDepend function of magix-combine-ex versions thru 1.2.10 all

CVE-2024-45435 CRITICAL POC
9.8 Aug 29

Chartist 1.x through 1.3.0 allows Prototype Pollution via the extend function. Rated critical severity (CVSS 9.8), this

Share

CVE-2026-9101 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy