Tag
mongoose
Safeguard articles tagged "mongoose" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Application Security
NoSQL injection prevention in MongoDB and Mongoose
A single unsanitized query key like $ne can bypass authentication in MongoDB apps — two 2024-2025 Mongoose CVEs show the fix is harder than one middleware package.
Jul 16, 20267 min read
Application Security
Mass assignment in Node, Express, and Mongoose apps
One unfiltered req.body.role field can turn a signup form into an admin-creation endpoint — here's how mass assignment happens in Node and how to stop it.
Jul 14, 20266 min read