A critical vulnerability, identified as CVE-2024-7553, has been discovered in MongoDB. It could potentially allow attackers to take complete control of Windows systems.
This vulnerability arises from incorrect validation of files loaded from a local untrusted directory, which can lead to local privilege escalation on Windows operating systems. The flaw affects several versions of MongoDB Server, C Driver, and PHP Driver.
https://cybersecuritynews.com/mongodb-f ... e-control/