Please follow the instructions on Tidelift's security page to report a security issue.
Security: Automattic/mongoose
Security
SECURITY.md
-
Improper Sanitization of $nor in sanitizeFilter May Allow NoSQL InjectionGHSA-wpg9-53fq-2r8h published
May 1, 2026 by vkarpov15High
Learn more about advisories related to Automattic/mongoose in the GitHub Advisory Database