MongoDB Shell

by MongoDB Inc.v2.8.3

Last updated Jun 8, 2026

The mongo shell is an interactive JavaScript interface to MongoDB.

Install with winget

$ winget install --id MongoDB.Shell --exact --version 2.8.3

Run in Command Prompt, PowerShell, or Windows Terminal. Prompts for any agreements.

Silent install command for MongoDB Shell

MongoDB Shell uses MSI (WiX). The silent install switches are /quiet /norestart.

One-line silent install (x64, machine scope)

msiexec.exe /i mongosh-2.8.3-x64.msi /quiet /norestart

See the full silent install reference for MongoDB Shell →

Built by Pckgr

For Intune admins

Stop chasing app updates. Pckgr patches them for you.

Automated application patching for Microsoft Intune. Pckgr keeps a curated library of 1,000+ apps continuously up-to-date in your tenant via Microsoft Graph - no manual repackaging, no chasing vendor sites.

Start free 30-day trial

No credit card required.

About

The mongo shell is an interactive JavaScript interface to MongoDB. You can use the mongo shell to query and update data as well as perform administrative operations.

Installers · v2.8.3

Architecture	Type	Scope	Install	Download
x64	MSI WiX	machine		Direct

Copy a command tailored to that specific architecture, type, and scope - useful when winget would otherwise pick a different default.

Security

25 known CVEs via NVD

high7.5Patched in wingetCVE-2026-8336affects before 8.2.9, 8.3.2May 13, 2026
After invoking $_internalJsEmit, which is not intended to be directly accessible, or mapreduce command’s map function in a certain way, an authenticated user can subsequently crash mongod when the server-side JavaScript engine (through $where, $function, mapreduce reduce stage,...
Vendor advisory
medium4.3Patched in wingetCVE-2026-8202affects before 7.0.34, 8.0.23, 8.2.9, 8.3.2May 13, 2026
Using a densely populated chars mask and a large input string in the MongoDB aggregation operators $trim, $ltrim, and $rtrim, an authenticated user with aggregation permissions can pin CPU utilization at 100% for an extended period of time. This issue impacts MongoDB Server v7....
Vendor advisory
medium6.4Patched in wingetCVE-2026-8201affects before 7.0.34, 8.0.23, 8.2.9, 8.3.2May 13, 2026
A use-after-free vulnerability exists in MongoDB's Field-Level Encryption (FLE) query analysis component, affecting client-side uses of mongocryptd and crypt_shared. Triggering this vulnerability requires control over the structure of a client's FLE-related query. This issue im...
Vendor advisory
low2.7Patched in wingetCVE-2026-8200affects before 7.0.34, 8.0.23, 8.2.9, 8.3.2May 13, 2026
When schema validation is enabled on a collection and an update or insert would violate the collection's schema, the local server log message generated may not have all user data redacted. This issue impacts MongoDB Server v7.0 versions prior to 7.0.34, v8.0 versions prior to...
Vendor advisory
medium6.5Patched in wingetCVE-2026-8199affects before 7.0.34, 8.0.23, 8.2.9, 8.3.2May 13, 2026
An authenticated user can cause excess memory usage via bitwise match expression AST processing of $bitsAllSet, $bitsAnySet, $bitsAllClear, and $bitsAnyClear. This contributes to memory pressure and may lead to availability loss by OOM. This issue impacts MongoDB Server v7.0 ve...
Vendor advisory
high8.8Patched in wingetCVE-2026-8053affects before 5.0.33, 6.0.28, 7.0.34, +3 moreMay 13, 2026
An issue in MongoDB Server's time-series collection implementation allows an authenticated user with database write privileges to trigger an out-of-bounds memory write in the mongod process. The issue results from an inconsistency in the internal field-name-to-index mapping with...
Patch Vendor advisory
medium6.5Patched in wingetCVE-2026-8063affects before 8.2.7May 7, 2026
An authenticated user can crash mongod when running $rankFusion or $scoreFusion with an empty pipeline on a view. When resolving a view, the server inspects the aggregation pipeline to determine whether it begins with an Atlas Search stage. For $rankFusion and $scoreFusion, thi...
Patch
medium6.3Patched in wingetCVE-2026-6915affects before 7.0.32, 8.0.21, 8.2.7Apr 29, 2026
An authorization flaw in the user management command could allow an authenticated user to make limited changes to authentication-related data associated with another user account. This could affect how authentication is performed for the impacted account.
Patch

Showing 8 of 25. Source: NVD, updated 1h ago. Patch status is best-effort: NVD's fix version is compared against the latest version in winget, but the two version formats don't always align. Confirm with the vendor advisory before treating any specific build as safe.

See a CVE that affects your fleet? Push the patched version to Intune in one click with Pckgr - automated patching is the only way to keep up.

Related apps

MongoDBMongoDB Inc.
MongoDB.Serverv8.3.4
MongoDB is a general purpose, document-based, distributed database built for modern application developers and for the cloud era.
MongoDB ToolsMongoDB Inc.
MongoDB.DatabaseToolsv100.17.0
The MongoDB Database Tools are a collection of command-line utilities for working with a MongoDB deployment.
PowerShellMicrosoft Corporation
Microsoft.PowerShellv7.6.2.0
PowerShell is a cross-platform task automation solution made up of a command-line shell, a scripting language, and a configuration management framework. PowerShell runs on Windows, Linux, and macOS.
Oh My PoshJan De Dobbeleer
JanDeDobbeleer.OhMyPoshv29.14.0
Prompt theme engine for any shell
Windows TerminalMicrosoft Corporation
Microsoft.WindowsTerminalv1.24.11321.0
The new Windows Terminal, a tabbed command line experience for Windows.
PostgreSQL 18PostgreSQL Global Development Group
PostgreSQL.PostgreSQL.18v18.4-1
The World's Most Advanced Open Source Relational Database

More from MongoDB Inc. or browse db, mongo, mongodb.

Frequently asked questions

How do I install MongoDB Shell on Windows?

Open Windows Terminal, PowerShell, or Command Prompt and run: winget install --id MongoDB.Shell --exact --version 2.8.3. winget downloads the installer from MongoDB Inc. and runs it. Requires Windows 10 (1809+) or Windows 11.

How do I install MongoDB Shell silently for unattended deployment?

Add --silent and accept the agreements upfront: winget install --id MongoDB.Shell --exact 2.8.3 --silent --accept-package-agreements --accept-source-agreements. This is the variant Intune, Configuration Manager, and other deployment tools should use.

What are the silent install switches for MongoDB Shell?

MongoDB Shell uses MSI (WiX). Run the downloaded installer with: msiexec.exe /i mongosh-2.8.3-x64.msi /quiet /norestart. The silent switches are /quiet /norestart.

How do I uninstall MongoDB Shell via winget?

Run: winget uninstall --id MongoDB.Shell --exact. Add --silent for unattended uninstalls. winget will use the registered uninstaller from MongoDB Shell's Apps & Features entry.

Is MongoDB Shell free?

MongoDB Shell is distributed under Apache License 2.0. Refer to the publisher (https://www.mongodb.com/products/shell) for the full license terms - Wingetly itself does not charge for installation.

Does MongoDB Shell work on Windows 10?

Yes, as long as your Windows 10 build supports winget (1809 or newer). winget ships with App Installer on Windows 10/11 and pulls MongoDB Shell directly from the publisher.

How do I keep MongoDB Shell up to date?

Run winget upgrade --id MongoDB.Shell --exact, or winget upgrade --all to update everything winget tracks. We index 10 versions of MongoDB Shell from microsoft/winget-pkgs.

Recent versions

2.8.3latest
2.8.2
2.8.1
2.7.0
2.6.0
2.5.10
2.5.9
2.5.8
2.5.7
2.5.6