mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method.
PoC: CVE-2019-10758
CVE-2019-10758
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.