CVE-2025-40906 – MongoDB BSON Serialization BSON::XS Multiple Vulnerabilities

May 17, 2025

CVE ID : CVE-2025-40906

Published : May 16, 2025, 4:15 p.m. | 16 hours, 29 minutes ago

Description : BSON::XS versions 0.8.4 and earlier for Perl includes a bundled libbson 1.1.7, which has several vulnerabilities.

Those include CVE-2017-14227, CVE-2018-16790, CVE-2023-0437, CVE-2024-6381, CVE-2024-6383, and CVE-2025-0755.

BSON-XS was the official Perl XS implementation of MongoDB’s BSON serialization, but this distribution has reached its end of life as of August 13, 2020 and is no longer supported.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4818 – SourceCodester Doctor’s Appointment System SQL Injection

Next Article Rilasciati Wine 10.8 e GE-Proton 10.1: tutte le novità per GNU/Linux

The Psychology Of Color In UX Design And Digital Products

This week in AI dev tools: Claude Sonnet 4’s larger context window, ChatGPT updates, and more (August 15, 2025)

Sentry launches MCP monitoring tool

10 Benefits of Hiring a React.js Development Company (2025–2026 Edition)

14 secret phone codes that unlock hidden features on your Android and iPhone

Stop using AI for these 9 work tasks – here’s why

A smart sensor assessed my home’s risk of electrical fires, and I was impressed

I brought Samsung’s rugged Galaxy tablet on a hiking trip, and it weathered everything

AI’s Hidden Thirst: The Water Behind Tech

AI’s Hidden Thirst: The Water Behind Tech

Minesweeper game in 100 lines of pure JavaScript – easy tutorial

Maintaining Data Consistency with Laravel Database Transactions

5 Best VPN for Lenovo Laptops to Enjoy the Web Safely

5 Best VPN for Lenovo Laptops to Enjoy the Web Safely

3 Best Antivirus and Malware Protection Software

11 Best Antivirus Without Ads

CVE-2025-40906 – MongoDB BSON Serialization BSON::XS Multiple Vulnerabilities

Russian Group EncryptHub Exploits MSC EvilTwin Vulnerability to Deploy Fickle Stealer Malware

ERMAC V3.0 Banking Trojan Source Code Leak Exposes Full Malware Infrastructure

CVE-2025-6843 – “Code-projects Simple Photo Gallery Unrestricted File Upload Vulnerability”

CVE-2025-26389 – OZW672/OZW772 Unauthenticated Remote Code Execution (RCE) in Web Service

⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors

CVE-2025-2501 – Lenovo PC Manager Privilege Escalation Vulnerability

CVE-2025-4484 – iSourcecode Gym Management System SQL Injection Vulnerability

Sam Altman calls DeepSeek AI “impressive” — but casts doubts on claims of efficiency gains ahead of OpenAI’s own dominance

I’ve fallen hard for Starsand Island, a promising anime-style life sim bringing Ghibli vibes to Xbox and PC later this year

With Call of Duty’s obsession with cringe-inducing pop culture skins, ‘Battlefield 6’ has a very real opportunity to offer the alternative — will EA deliver?

CVE-2025-40906 – MongoDB BSON Serialization BSON::XS Multiple Vulnerabilities

Related Posts