CVE-2025-40906 – MongoDB BSON Serialization BSON::XS Multiple Vulnerabilities

May 17, 2025

CVE ID : CVE-2025-40906

Published : May 16, 2025, 4:15 p.m. | 16 hours, 29 minutes ago

Description : BSON::XS versions 0.8.4 and earlier for Perl includes a bundled libbson 1.1.7, which has several vulnerabilities.

Those include CVE-2017-14227, CVE-2018-16790, CVE-2023-0437, CVE-2024-6381, CVE-2024-6383, and CVE-2025-0755.

BSON-XS was the official Perl XS implementation of MongoDB’s BSON serialization, but this distribution has reached its end of life as of August 13, 2020 and is no longer supported.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4818 – SourceCodester Doctor’s Appointment System SQL Injection

Next Article CVE-2025-4669 – WordPress Booking Calendar Stored Cross-Site Scripting (XSS) Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Microsoft has closed its “Experience Center” store in Sydney, Australia — as it ramps up a continued digital growth campaign

Bing Search APIs to be “decommissioned completely” as Microsoft urges developers to use its Azure agentic AI alternative

Microsoft might kill the Surface Laptop Studio as production is quietly halted

Minecraft licensing robbed us of this controversial NFL schedule release video

The power of generators

The power of generators

Simplify Factory Associations with Laravel’s UseFactory Attribute

This Week in Laravel: React Native, PhpStorm Junie, and more

Microsoft has closed its “Experience Center” store in Sydney, Australia — as it ramps up a continued digital growth campaign

Microsoft has closed its “Experience Center” store in Sydney, Australia — as it ramps up a continued digital growth campaign

Bing Search APIs to be “decommissioned completely” as Microsoft urges developers to use its Azure agentic AI alternative

Microsoft might kill the Surface Laptop Studio as production is quietly halted

CVE-2025-40906 – MongoDB BSON Serialization BSON::XS Multiple Vulnerabilities

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-4610 – WordPress WP-Members Membership Plugin Stored Cross-Site Scripting Vulnerability

Creating Scalable Apps with Modular Architecture in React Native⚙️

The Elder Scrolls 4: Oblivion Remastered review roundup — Here’s what critics had to say for this remastered edition of one of Bethesda’s classic RPGs

Build Your Own RAG Chatbot with JavaScript!

Characterizing and Mitigating Compute Express Link (CXL) Interference in Modern Memory Systems

5 ways to escape middle management and fast-track your journey to the top

YTSubConverter – create styled YouTube subtitles

The best smart bird feeders of 2024

I replaced my Pixel 9 Pro XL with the Pixel 9a – and it’s good news for power users

CVE-2025-40906 – MongoDB BSON Serialization BSON::XS Multiple Vulnerabilities

Related Posts