CVE-2025-1755

Name of the Vulnerable Software and Affected Versions MongoDB Compass versions prior to 1.42.1

Description The issue may allow local privilege escalation under certain conditions, potentially enabling unauthorized actions on a user's system with elevated privileges. This can occur when a crafted file is stored in a specific location, such as C: ode modules.

Recommendations For versions prior to 1.42.1, update to version 1.42.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the C: ode modules directory to minimize the risk of exploitation.