Search criteria
76 vulnerabilities found for MongoDB Server by MongoDB Inc
CVE-2026-25613 (GCVE-0-2026-25613)
Vulnerability from nvd – Published: 2026-02-10 18:54 – Updated: 2026-02-10 19:15
VLAI?
Title
An unsafe cast in the MongoDB query planner can result in a segmentation fault.
Summary
An authorized user may disable the MongoDB server by issuing a query against a collection that contains an invalid compound wildcard index.
Severity ?
CWE
- CWE-704 - Incorrect Type Conversion or Cast
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
7.0 , < 7.0.29
(semver)
Affected: 8.0 , < 8.0.18 (semver) Affected: 8.2 , < 8.2.4 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25613",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T19:13:57.583214Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T19:15:20.731Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "7.0.29",
"status": "affected",
"version": "7.0",
"versionType": "semver"
},
{
"lessThan": "8.0.18",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"lessThan": "8.2.4",
"status": "affected",
"version": "8.2",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An authorized user may disable the MongoDB server by issuing a query against a collection that contains an invalid compound wildcard index."
}
],
"value": "An authorized user may disable the MongoDB server by issuing a query against a collection that contains an invalid compound wildcard index."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-704",
"description": "CWE-704 Incorrect Type Conversion or Cast",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T18:54:50.376Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-113685"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "An unsafe cast in the MongoDB query planner can result in a segmentation fault.",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2026-25613",
"datePublished": "2026-02-10T18:54:50.376Z",
"dateReserved": "2026-02-03T18:21:58.986Z",
"dateUpdated": "2026-02-10T19:15:20.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25610 (GCVE-0-2026-25610)
Vulnerability from nvd – Published: 2026-02-10 18:30 – Updated: 2026-02-10 20:29
VLAI?
Title
Invalid $geoNear index hint may cause server crash
Summary
An authorized user may trigger a server crash by running a $geoNear pipeline with certain invalid index hints.
Severity ?
CWE
- CWE-617 - Reachable Assertion
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
8.0 , < 8.0.13
(semver)
Affected: 7.0 , < 7.0.29 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25610",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T20:29:38.183923Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T20:29:51.688Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "8.0.13",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"lessThan": "7.0.29",
"status": "affected",
"version": "7.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An authorized user may trigger a server crash by running a $geoNear pipeline with certain invalid index hints.\u003cbr\u003e"
}
],
"value": "An authorized user may trigger a server crash by running a $geoNear pipeline with certain invalid index hints."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-617",
"description": "CWE-617 Reachable Assertion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T18:30:40.756Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-99119"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Invalid $geoNear index hint may cause server crash",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2026-25610",
"datePublished": "2026-02-10T18:30:40.756Z",
"dateReserved": "2026-02-03T18:21:58.985Z",
"dateUpdated": "2026-02-10T20:29:51.688Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25609 (GCVE-0-2026-25609)
Vulnerability from nvd – Published: 2026-02-10 18:39 – Updated: 2026-02-10 19:52
VLAI?
Title
profile command may permit unauthorized configuration
Summary
Incorrect validation of the profile command may result in the determination that a request altering the 'filter' is read-only.
Severity ?
5.4 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
8.2 , < 8.2.4
(semver)
Affected: 8.0 , < 8.0.18 (semver) Affected: 7.0 , < 7.0.29 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25609",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T19:37:32.976979Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T19:52:07.572Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "8.2.4",
"status": "affected",
"version": "8.2",
"versionType": "semver"
},
{
"lessThan": "8.0.18",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"lessThan": "7.0.29",
"status": "affected",
"version": "7.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect validation of the profile command may result in the determination that a request altering the \u0027filter\u0027 is read-only.\u003cbr\u003e"
}
],
"value": "Incorrect validation of the profile command may result in the determination that a request altering the \u0027filter\u0027 is read-only."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T18:39:11.201Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-112952"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "profile command may permit unauthorized configuration",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2026-25609",
"datePublished": "2026-02-10T18:39:11.201Z",
"dateReserved": "2026-02-03T18:21:58.985Z",
"dateUpdated": "2026-02-10T19:52:07.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1850 (GCVE-0-2026-1850)
Vulnerability from nvd – Published: 2026-02-10 18:49 – Updated: 2026-02-10 19:18
VLAI?
Title
An authorized user may disable the MongoDB server by issuing a certain type of complex query due to boolean expression simplification
Summary
Complex queries can cause excessive memory usage in MongoDB Query Planner resulting in an Out-Of-Memory Crash.
Severity ?
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
8.0 , < 8.0.18
(semver)
Affected: 8.2 , < 8.2.4 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1850",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T19:18:16.858032Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T19:18:26.224Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "8.0.18",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"lessThan": "8.2.4",
"status": "affected",
"version": "8.2",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Complex queries can cause excessive memory usage in MongoDB Query Planner resulting in an Out-Of-Memory Crash.\u003cbr\u003e"
}
],
"value": "Complex queries can cause excessive memory usage in MongoDB Query Planner resulting in an Out-Of-Memory Crash."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T18:49:32.084Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-114126"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "An authorized user may disable the MongoDB server by issuing a certain type of complex query due to boolean expression simplification",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2026-1850",
"datePublished": "2026-02-10T18:49:32.084Z",
"dateReserved": "2026-02-03T18:21:53.785Z",
"dateUpdated": "2026-02-10T19:18:26.224Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1849 (GCVE-0-2026-1849)
Vulnerability from nvd – Published: 2026-02-10 18:52 – Updated: 2026-02-10 19:17
VLAI?
Title
Mongod can run out of stack memory when expressions create deeply nested documents
Summary
MongoDB Server may experience an out-of-memory failure while evaluating expressions that produce deeply nested documents. The issue arises in recursive functions because the server does not periodically check the depth of the expression.
Severity ?
CWE
- CWE-674 - Uncontrolled Recursion
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
8.0 , < 8.0.18
(semver)
Affected: 7.0 , < 7.0.29 (semver) Affected: 8.2 , < 8.2.2 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1849",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T19:16:27.778333Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T19:17:02.296Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "8.0.18",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"lessThan": "7.0.29",
"status": "affected",
"version": "7.0",
"versionType": "semver"
},
{
"lessThan": "8.2.2",
"status": "affected",
"version": "8.2",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "MongoDB Server may experience an out-of-memory failure while evaluating expressions that produce deeply nested documents. The issue arises in recursive functions because the server does not periodically check the depth of the expression."
}
],
"value": "MongoDB Server may experience an out-of-memory failure while evaluating expressions that produce deeply nested documents. The issue arises in recursive functions because the server does not periodically check the depth of the expression."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-674",
"description": "CWE-674 Uncontrolled Recursion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T18:52:52.737Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-102364"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Mongod can run out of stack memory when expressions create deeply nested documents",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2026-1849",
"datePublished": "2026-02-10T18:52:52.737Z",
"dateReserved": "2026-02-03T18:21:52.859Z",
"dateUpdated": "2026-02-10T19:17:02.296Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1848 (GCVE-0-2026-1848)
Vulnerability from nvd – Published: 2026-02-10 18:22 – Updated: 2026-02-11 15:17
VLAI?
Title
Connections received from the proxy port may not count towards total accepted connections
Summary
Connections received from the proxy port may not count towards total accepted connections, resulting in server crashes if the total number of connections exceeds available resources. This only applies to connections accepted from the proxy port, pending the proxy protocol header.
Severity ?
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
8.2 , < 8.2.4
(semver)
Affected: 8.0 , < 8.0.18 (semver) Affected: 7.0 , < 7.0.29 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1848",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-11T15:16:52.444535Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-11T15:17:01.970Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "8.2.4",
"status": "affected",
"version": "8.2",
"versionType": "semver"
},
{
"lessThan": "8.0.18",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"lessThan": "7.0.29",
"status": "affected",
"version": "7.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Connections received from the proxy port may not count towards total accepted connections, resulting in server crashes if the total number of connections exceeds available resources. This only applies to connections accepted from the proxy port, pending the proxy protocol header.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Connections received from the proxy port may not count towards total accepted connections, resulting in server crashes if the total number of connections exceeds available resources. This only applies to connections accepted from the proxy port, pending the proxy protocol header."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T18:22:41.971Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-114695"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Connections received from the proxy port may not count towards total accepted connections",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2026-1848",
"datePublished": "2026-02-10T18:22:41.971Z",
"dateReserved": "2026-02-03T18:21:51.892Z",
"dateUpdated": "2026-02-11T15:17:01.970Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1847 (GCVE-0-2026-1847)
Vulnerability from nvd – Published: 2026-02-10 18:16 – Updated: 2026-02-10 20:12
VLAI?
Title
MongoDB Server may crash when inserting large documents
Summary
Inserting certain large documents into a replica set could lead to replica set secondaries not being able to fetch the oplog from the primary. This could stall replication inside the replica set leading to server crash.
Severity ?
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
8.0 , < 8.0.18
(semver)
Affected: 7.0 , < 7.0.29 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1847",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T20:11:52.934322Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T20:12:18.968Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "8.0.18",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"lessThan": "7.0.29",
"status": "affected",
"version": "7.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Inserting certain large documents into a replica set could lead to replica set secondaries not being able to fetch the oplog from the primary. This could stall replication inside the replica set leading to server crash."
}
],
"value": "Inserting certain large documents into a replica set could lead to replica set secondaries not being able to fetch the oplog from the primary. This could stall replication inside the replica set leading to server crash."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T18:16:24.739Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-113532"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "MongoDB Server may crash when inserting large documents",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2026-1847",
"datePublished": "2026-02-10T18:16:24.739Z",
"dateReserved": "2026-02-03T18:21:50.648Z",
"dateUpdated": "2026-02-10T20:12:18.968Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25612 (GCVE-0-2026-25612)
Vulnerability from nvd – Published: 2026-02-10 18:05 – Updated: 2026-02-10 18:59
VLAI?
Title
Internal ResourceId collision may affect unrelated collections
Summary
The internal locking mechanism of the MongoDB server uses an internal encoding of the resources in order to choose what lock to take. Collections may inadvertently collide with one another in this representation causing unavailability between them due to conflicting locks.
Severity ?
CWE
- CWE-412 - Unrestricted Externally Accessible Lock
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
8.2 , < 8.2.4
(semver)
Affected: 8.0 , < 8.0.18 (semver) Affected: 7.0 , < 7.0.29 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25612",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T18:59:20.305133Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T18:59:27.442Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "8.2.4",
"status": "affected",
"version": "8.2",
"versionType": "semver"
},
{
"lessThan": "8.0.18",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"lessThan": "7.0.29",
"status": "affected",
"version": "7.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The internal locking mechanism of the MongoDB server uses an internal encoding of the resources in order to choose what lock to take. Collections may inadvertently collide with one another in this representation causing unavailability between them due to conflicting locks."
}
],
"value": "The internal locking mechanism of the MongoDB server uses an internal encoding of the resources in order to choose what lock to take. Collections may inadvertently collide with one another in this representation causing unavailability between them due to conflicting locks."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-412",
"description": "CWE-412 Unrestricted Externally Accessible Lock",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T18:05:23.851Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-114838"
},
{
"url": "https://jira.mongodb.org/browse/SERVER-115296"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Internal ResourceId collision may affect unrelated collections",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2026-25612",
"datePublished": "2026-02-10T18:05:23.851Z",
"dateReserved": "2026-02-03T18:21:58.986Z",
"dateUpdated": "2026-02-10T18:59:27.442Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25611 (GCVE-0-2026-25611)
Vulnerability from nvd – Published: 2026-02-10 17:52 – Updated: 2026-02-11 15:21
VLAI?
Title
Pre-Authentication Memory Exhaustion Denial of Service in MongoDB Server
Summary
A series of specifically crafted, unauthenticated messages can exhaust available memory and crash a MongoDB server.
Severity ?
CWE
- CWE-405 - Asymmetric Resource Consumption (Amplification)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
8.2 , < 8.2.4
(semver)
Affected: 8.0 , < 8.0.18 (semver) Affected: 7.0 , < 7.0.29 (semver) |
Credits
Vitaly Simonovich
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25611",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-11T15:20:57.244281Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-11T15:21:16.207Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "8.2.4",
"status": "affected",
"version": "8.2",
"versionType": "semver"
},
{
"lessThan": "8.0.18",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"lessThan": "7.0.29",
"status": "affected",
"version": "7.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Vitaly Simonovich"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A series of specifically crafted, unauthenticated messages can exhaust available memory and crash a MongoDB server."
}
],
"value": "A series of specifically crafted, unauthenticated messages can exhaust available memory and crash a MongoDB server."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-405",
"description": "CWE-405 Asymmetric Resource Consumption (Amplification)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T17:52:47.181Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-116210"
},
{
"url": "https://jira.mongodb.org/browse/SERVER-116206"
},
{
"url": "https://jira.mongodb.org/browse/SERVER-116211"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Pre-Authentication Memory Exhaustion Denial of Service in MongoDB Server",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2026-25611",
"datePublished": "2026-02-10T17:52:47.181Z",
"dateReserved": "2026-02-03T18:21:58.986Z",
"dateUpdated": "2026-02-11T15:21:16.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10491 (GCVE-0-2025-10491)
Vulnerability from nvd – Published: 2025-09-15 16:04 – Updated: 2025-09-16 03:55
VLAI?
Title
MongoDB Windows installation MSI may leave ACLs unset on custom installation directories
Summary
The MongoDB Windows installation MSI may leave ACLs unset on custom installation directories allowing a local attacker to introduce executable code to MongoDB's process via DLL hijacking. This issue affects MongoDB Server v6.0 version prior to 6.0.25, MongoDB Server v7.0 version prior to 7.0.21 and MongoDB Server v8.0 version prior to 8.0.5
Severity ?
7.8 (High)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
6.0 , < 6.0.25
(custom)
Affected: 7.0 , < 7.0.21 (custom) Affected: 8.0 , < 8.0.5 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10491",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-15T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-16T03:55:21.417Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "6.0.25",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"lessThan": "7.0.21",
"status": "affected",
"version": "7.0",
"versionType": "custom"
},
{
"lessThan": "8.0.5",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe MongoDB Windows installation MSI may leave ACLs unset on custom installation directories allowing a local attacker to introduce executable code to MongoDB\u0027s process via DLL hijacking. This issue affects MongoDB Server v6.0 version prior to 6.0.25, MongoDB Server v7.0 version prior to 7.0.21 and MongoDB Server v8.0 version prior to 8.0.5\u003c/p\u003e"
}
],
"value": "The MongoDB Windows installation MSI may leave ACLs unset on custom installation directories allowing a local attacker to introduce executable code to MongoDB\u0027s process via DLL hijacking. This issue affects MongoDB Server v6.0 version prior to 6.0.25, MongoDB Server v7.0 version prior to 7.0.21 and MongoDB Server v8.0 version prior to 8.0.5"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-15T16:04:54.221Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-51366"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "MongoDB Windows installation MSI may leave ACLs unset on custom installation directories",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2025-10491",
"datePublished": "2025-09-15T16:04:54.221Z",
"dateReserved": "2025-09-15T15:57:35.554Z",
"dateUpdated": "2025-09-16T03:55:21.417Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10061 (GCVE-0-2025-10061)
Vulnerability from nvd – Published: 2025-09-05 20:48 – Updated: 2025-09-05 21:08
VLAI?
Title
Malformed $group Query May Cause MongoDB Server to Crash
Summary
An authorized user can cause a crash in the MongoDB Server through a specially crafted $group query. This vulnerability is related to the incorrect handling of certain accumulator functions when additional parameters are specified within the $group operation. This vulnerability could lead to denial of service if triggered repeatedly. This issue affects MongoDB Server v6.0 versions prior to 6.0.25, MongoDB Server v7.0 versions prior to 7.0.22, MongoDB Server v8.0 versions prior to 8.0.12 and MongoDB Server v8.1 versions prior to 8.1.2
Severity ?
6.5 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
6.0 , < 6.0.25
(custom)
Affected: 7.0 , < 7.0.22 (custom) Affected: 8.0 , < 8.0.12 (custom) Affected: 8.1 , < 8.1.2 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10061",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-05T21:07:15.019864Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T21:08:44.186Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "6.0.25",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"lessThan": "7.0.22",
"status": "affected",
"version": "7.0",
"versionType": "custom"
},
{
"lessThan": "8.0.12",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "8.1.2",
"status": "affected",
"version": "8.1",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An authorized user can cause a crash in the MongoDB Server through a specially crafted $group query. This vulnerability is related to the incorrect handling of certain accumulator functions when additional parameters are specified within the $group operation. This vulnerability could lead to denial of service if triggered repeatedly. This issue affects MongoDB Server v6.0 versions prior to 6.0.25, MongoDB Server v7.0 versions prior to 7.0.22, MongoDB Server v8.0 versions prior to 8.0.12 and MongoDB Server v8.1 versions prior to 8.1.2"
}
],
"value": "An authorized user can cause a crash in the MongoDB Server through a specially crafted $group query. This vulnerability is related to the incorrect handling of certain accumulator functions when additional parameters are specified within the $group operation. This vulnerability could lead to denial of service if triggered repeatedly. This issue affects MongoDB Server v6.0 versions prior to 6.0.25, MongoDB Server v7.0 versions prior to 7.0.22, MongoDB Server v8.0 versions prior to 8.0.12 and MongoDB Server v8.1 versions prior to 8.1.2"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T20:48:25.215Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-99616"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Malformed $group Query May Cause MongoDB Server to Crash",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2025-10061",
"datePublished": "2025-09-05T20:48:25.215Z",
"dateReserved": "2025-09-05T20:41:48.167Z",
"dateUpdated": "2025-09-05T21:08:44.186Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10060 (GCVE-0-2025-10060)
Vulnerability from nvd – Published: 2025-09-05 20:39 – Updated: 2025-09-05 21:08
VLAI?
Title
MongoDB may be susceptible to Invariant Failure in Transactions due Upsert Operation
Summary
MongoDB Server may allow upsert operations retried within a transaction to violate unique index constraints, potentially causing an invariant failure and server crash during commit. This issue may be triggered by improper WriteUnitOfWork state management. This issue affects MongoDB Server v6.0 versions prior to 6.0.25, MongoDB Server v7.0 versions prior to 7.0.22 and MongoDB Server v8.0 versions prior to 8.0.12
Severity ?
6.5 (Medium)
CWE
- CWE-672 - Operation on a Resource after Expiration or Release
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
6.0 , < 6.0.25
(custom)
Affected: 7.0 , < 7.0.22 (custom) Affected: 8.0 , < 8.0.12 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10060",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-05T21:07:23.024155Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T21:08:05.687Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "6.0.25",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"lessThan": "7.0.22",
"status": "affected",
"version": "7.0",
"versionType": "custom"
},
{
"lessThan": "8.0.12",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "MongoDB Server may allow upsert operations retried within a transaction to violate unique index constraints, potentially causing an invariant failure and server crash during commit. This issue may be triggered by improper WriteUnitOfWork state management. This issue affects MongoDB Server v6.0 versions prior to 6.0.25, MongoDB Server v7.0 versions prior to 7.0.22 and MongoDB Server v8.0 versions prior to 8.0.12"
}
],
"value": "MongoDB Server may allow upsert operations retried within a transaction to violate unique index constraints, potentially causing an invariant failure and server crash during commit. This issue may be triggered by improper WriteUnitOfWork state management. This issue affects MongoDB Server v6.0 versions prior to 6.0.25, MongoDB Server v7.0 versions prior to 7.0.22 and MongoDB Server v8.0 versions prior to 8.0.12"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-672",
"description": "CWE-672 Operation on a Resource after Expiration or Release",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T20:39:14.188Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-95524"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "MongoDB may be susceptible to Invariant Failure in Transactions due Upsert Operation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2025-10060",
"datePublished": "2025-09-05T20:39:14.188Z",
"dateReserved": "2025-09-05T20:28:10.874Z",
"dateUpdated": "2025-09-05T21:08:05.687Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10059 (GCVE-0-2025-10059)
Vulnerability from nvd – Published: 2025-09-05 20:26 – Updated: 2025-09-05 20:44
VLAI?
Title
MongoDB Server router will crash when incorrect lsid is set on a sharded query
Summary
An improper setting of the lsid field on any sharded query can cause a crash in MongoDB routers. This issue occurs when a generic argument (lsid) is provided in a case when it is not applicable. This affects MongoDB Server v6.0 versions prior to 6.0.x, MongoDB Server v7.0 versions prior to 7.0.18 and MongoDB Server v8.0 versions prior to 8.0.6.
Severity ?
6.5 (Medium)
CWE
- CWE-732 - Incorrect Permission Assignment for Critical Resource
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
6.0 , < 6.0.24
(custom)
Affected: 7.0 , < 7.0.18 (custom) Affected: 8.0 , < 8.0.6 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10059",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-05T20:43:05.307135Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T20:44:22.665Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "6.0.24",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"lessThan": "7.0.18",
"status": "affected",
"version": "7.0",
"versionType": "custom"
},
{
"lessThan": "8.0.6",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eAn improper setting of the lsid field on any sharded query can cause a crash in MongoDB routers. This issue occurs when a generic argument (lsid) is provided in a case when it is not applicable. This affects MongoDB Server v6.0 versions prior to 6.0.x, MongoDB Server v7.0 versions prior to 7.0.18 and MongoDB Server v8.0 versions prior to 8.0.6.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "An improper setting of the lsid field on any sharded query can cause a crash in MongoDB routers. This issue occurs when a generic argument (lsid) is provided in a case when it is not applicable. This affects MongoDB Server v6.0 versions prior to 6.0.x, MongoDB Server v7.0 versions prior to 7.0.18 and MongoDB Server v8.0 versions prior to 8.0.6."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T20:26:52.612Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-100901"
},
{
"url": "https://jira.mongodb.org/browse/SERVER-100909"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "MongoDB Server router will crash when incorrect lsid is set on a sharded query",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2025-10059",
"datePublished": "2025-09-05T20:26:52.612Z",
"dateReserved": "2025-09-05T20:10:54.977Z",
"dateUpdated": "2025-09-05T20:44:22.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-7259 (GCVE-0-2025-7259)
Vulnerability from nvd – Published: 2025-07-07 15:59 – Updated: 2025-07-07 16:13
VLAI?
Title
Certain Queries with Duplicate _id Fields May Cause MongoDB Server to Crash
Summary
An authorized user can issue queries with duplicate _id fields, that leads to unexpected behavior in MongoDB Server, which may result to crash. This issue can only be triggered by authorized users and cause Denial of Service. This issue affects MongoDB Server v8.1 version 8.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
8.1 , ≤ 8.1.0
(custom)
cpe:2.3:a:mongodb:mongodb:8.1.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7259",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-07T16:13:43.106144Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-07T16:13:48.353Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:mongodb:mongodb:8.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThanOrEqual": "8.1.0",
"status": "affected",
"version": "8.1",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-07-07T15:06:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn authorized user can issue queries with duplicate _id fields, that leads to unexpected behavior in MongoDB Server, which may result to crash. This issue can only be triggered by authorized users and cause Denial of Service. This issue affects MongoDB Server v8.1 version 8.1.0.\u003c/p\u003e"
}
],
"value": "An authorized user can issue queries with duplicate _id fields, that leads to unexpected behavior in MongoDB Server, which may result to crash. This issue can only be triggered by authorized users and cause Denial of Service. This issue affects MongoDB Server v8.1 version 8.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843: Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-07T15:59:01.902Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-102693"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Certain Queries with Duplicate _id Fields May Cause MongoDB Server to Crash",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2025-7259",
"datePublished": "2025-07-07T15:59:01.902Z",
"dateReserved": "2025-07-07T15:05:32.437Z",
"dateUpdated": "2025-07-07T16:13:48.353Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-6714 (GCVE-0-2025-6714)
Vulnerability from nvd – Published: 2025-07-07 14:48 – Updated: 2025-07-07 19:11
VLAI?
Title
Incorrect Handling of incomplete data may prevent mongoS from Accepting New Connections
Summary
MongoDB Server's mongos component can become unresponsive to new connections due to incorrect handling of incomplete data. This affects MongoDB when configured with load balancer support. This issue affects MongoDB Server v6.0 prior to 6.0.23, MongoDB Server v7.0 prior to 7.0.20 and MongoDB Server v8.0 prior to 8.0.9
Required Configuration:
This affects MongoDB sharded clusters when configured with load balancer support for mongos using HAProxy on specified ports.
Severity ?
7.5 (High)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
6.0 , < 6.0.23
(custom)
Affected: 7.0 , < 7.0.20 (custom) Affected: 8.0 , < 8.0.9 (custom) cpe:2.3:a:mongodb:mongodb:6.0.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.3:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.4:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.5:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.6:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.7:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.8:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.9:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.10:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.11:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.12:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.13:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.14:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.15:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.16:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.17:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.18:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.19:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.20:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.21:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.22:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.6:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.7:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.8:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.9:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.10:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.11:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.12:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.13:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.14:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.15:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.16:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.17:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.18:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.19:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:8.0.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:8.0.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:8.0.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:8.0.3:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:8.0.4:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:8.0.5:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:8.0.8:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6714",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-07T19:11:36.252213Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-07T19:11:47.975Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:mongodb:mongodb:6.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.12:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.13:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.14:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.15:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.16:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.17:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.18:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.19:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.20:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.21:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.22:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.15:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.16:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.17:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.18:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.19:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:8.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:8.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:8.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:8.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:8.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:8.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:8.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:8.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:8.0.8:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "6.0.23",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"lessThan": "7.0.20",
"status": "affected",
"version": "7.0",
"versionType": "custom"
},
{
"lessThan": "8.0.9",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cp\u003eThis affects MongoDB sharded clusters when configured with load balancer support for mongos using HAProxy on specified ports.\u003c/p\u003e\u003c/div\u003e"
}
],
"value": "This affects MongoDB sharded clusters when configured with load balancer support for mongos using HAProxy on specified ports."
}
],
"datePublic": "2025-07-07T14:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMongoDB Server\u0027s mongos component can become unresponsive to new connections due to incorrect handling of incomplete data. This affects MongoDB when configured with load balancer support. This issue affects MongoDB Server v6.0 prior to 6.0.23, MongoDB Server v7.0 prior to 7.0.20 and MongoDB Server v8.0 prior to 8.0.9\u003c/p\u003e\u003cp\u003e\u003cb\u003eRequired Configuration:\u003c/b\u003e\u003c/p\u003e\u003cp\u003eThis affects MongoDB sharded clusters when configured with load balancer support for mongos using HAProxy on specified ports.\u003c/p\u003e"
}
],
"value": "MongoDB Server\u0027s mongos component can become unresponsive to new connections due to incorrect handling of incomplete data. This affects MongoDB when configured with load balancer support. This issue affects MongoDB Server v6.0 prior to 6.0.23, MongoDB Server v7.0 prior to 7.0.20 and MongoDB Server v8.0 prior to 8.0.9\n\nRequired Configuration:\n\nThis affects MongoDB sharded clusters when configured with load balancer support for mongos using HAProxy on specified ports."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-834",
"description": "CWE-834 Excessive Iteration",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-07T14:48:48.312Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-106753"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Incorrect Handling of incomplete data may prevent mongoS from Accepting New Connections",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2025-6714",
"datePublished": "2025-07-07T14:48:48.312Z",
"dateReserved": "2025-06-26T11:58:50.544Z",
"dateUpdated": "2025-07-07T19:11:47.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-6713 (GCVE-0-2025-6713)
Vulnerability from nvd – Published: 2025-07-07 14:46 – Updated: 2025-07-18 05:50
VLAI?
Title
MongoDB Server may be susceptible to privilege escalation due to $mergeCursors stage
Summary
An unauthorized user may leverage a specially crafted aggregation pipeline to access data without proper authorization due to improper handling of the $mergeCursors stage in MongoDB Server. This may lead to access to data without further authorisation. This issue affects MongoDB Server MongoDB Server v8.0 versions prior to 8.0.7, MongoDB Server v7.0 versions prior to 7.0.19 and MongoDB Server v6.0 versions prior to 6.0.22
Severity ?
7.7 (High)
CWE
- CWE-285 - Improper Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
6.0 , < 6.0.22
(custom)
Affected: 7.0 , < 7.0.19 (custom) Affected: 8.0 , < 8.0.7 (custom) cpe:2.3:a:mongodb:mongodb:6.0.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.3:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.4:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.5:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.6:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.7:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.8:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.9:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.10:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.11:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.12:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.13:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.14:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.15:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.16:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.17:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.18:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.19:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.20:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:6.0.21:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.6:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.7:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.8:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.9:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.10:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.11:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.12:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.13:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.14:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.15:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.16:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.17:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:7.0.18:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:8.0.0:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:8.0.1:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:8.0.2:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:8.0.3:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:8.0.4:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:8.0.5:*:*:*:*:*:*:* cpe:2.3:a:mongodb:mongodb:8.0.6:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6713",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-07T19:11:00.438009Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-07T19:11:13.152Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:mongodb:mongodb:6.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.12:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.13:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.14:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.15:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.16:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.17:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.18:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.19:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.20:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:6.0.21:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.15:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.16:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.17:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:7.0.18:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:8.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:8.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:8.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:8.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:8.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:8.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:mongodb:mongodb:8.0.6:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "6.0.22",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"lessThan": "7.0.19",
"status": "affected",
"version": "7.0",
"versionType": "custom"
},
{
"lessThan": "8.0.7",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-07-07T14:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn unauthorized user may leverage a specially crafted aggregation pipeline to access data without proper authorization due to improper handling of the $mergeCursors stage in MongoDB Server. This may lead to access to data without further authorisation. This issue affects MongoDB Server MongoDB Server v8.0 versions prior to 8.0.7, MongoDB Server v7.0 versions prior to 7.0.19 and MongoDB Server v6.0 versions prior to 6.0.22\u003c/p\u003e"
}
],
"value": "An unauthorized user may leverage a specially crafted aggregation pipeline to access data without proper authorization due to improper handling of the $mergeCursors stage in MongoDB Server. This may lead to access to data without further authorisation. This issue affects MongoDB Server MongoDB Server v8.0 versions prior to 8.0.7, MongoDB Server v7.0 versions prior to 7.0.19 and MongoDB Server v6.0 versions prior to 6.0.22"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285: Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-18T05:50:23.153Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-106752"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "MongoDB Server may be susceptible to privilege escalation due to $mergeCursors stage",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2025-6713",
"datePublished": "2025-07-07T14:46:36.201Z",
"dateReserved": "2025-06-26T11:52:57.357Z",
"dateUpdated": "2025-07-18T05:50:23.153Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-25613 (GCVE-0-2026-25613)
Vulnerability from cvelistv5 – Published: 2026-02-10 18:54 – Updated: 2026-02-10 19:15
VLAI?
Title
An unsafe cast in the MongoDB query planner can result in a segmentation fault.
Summary
An authorized user may disable the MongoDB server by issuing a query against a collection that contains an invalid compound wildcard index.
Severity ?
CWE
- CWE-704 - Incorrect Type Conversion or Cast
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
7.0 , < 7.0.29
(semver)
Affected: 8.0 , < 8.0.18 (semver) Affected: 8.2 , < 8.2.4 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25613",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T19:13:57.583214Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T19:15:20.731Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "7.0.29",
"status": "affected",
"version": "7.0",
"versionType": "semver"
},
{
"lessThan": "8.0.18",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"lessThan": "8.2.4",
"status": "affected",
"version": "8.2",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An authorized user may disable the MongoDB server by issuing a query against a collection that contains an invalid compound wildcard index."
}
],
"value": "An authorized user may disable the MongoDB server by issuing a query against a collection that contains an invalid compound wildcard index."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-704",
"description": "CWE-704 Incorrect Type Conversion or Cast",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T18:54:50.376Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-113685"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "An unsafe cast in the MongoDB query planner can result in a segmentation fault.",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2026-25613",
"datePublished": "2026-02-10T18:54:50.376Z",
"dateReserved": "2026-02-03T18:21:58.986Z",
"dateUpdated": "2026-02-10T19:15:20.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1849 (GCVE-0-2026-1849)
Vulnerability from cvelistv5 – Published: 2026-02-10 18:52 – Updated: 2026-02-10 19:17
VLAI?
Title
Mongod can run out of stack memory when expressions create deeply nested documents
Summary
MongoDB Server may experience an out-of-memory failure while evaluating expressions that produce deeply nested documents. The issue arises in recursive functions because the server does not periodically check the depth of the expression.
Severity ?
CWE
- CWE-674 - Uncontrolled Recursion
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
8.0 , < 8.0.18
(semver)
Affected: 7.0 , < 7.0.29 (semver) Affected: 8.2 , < 8.2.2 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1849",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T19:16:27.778333Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T19:17:02.296Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "8.0.18",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"lessThan": "7.0.29",
"status": "affected",
"version": "7.0",
"versionType": "semver"
},
{
"lessThan": "8.2.2",
"status": "affected",
"version": "8.2",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "MongoDB Server may experience an out-of-memory failure while evaluating expressions that produce deeply nested documents. The issue arises in recursive functions because the server does not periodically check the depth of the expression."
}
],
"value": "MongoDB Server may experience an out-of-memory failure while evaluating expressions that produce deeply nested documents. The issue arises in recursive functions because the server does not periodically check the depth of the expression."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-674",
"description": "CWE-674 Uncontrolled Recursion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T18:52:52.737Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-102364"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Mongod can run out of stack memory when expressions create deeply nested documents",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2026-1849",
"datePublished": "2026-02-10T18:52:52.737Z",
"dateReserved": "2026-02-03T18:21:52.859Z",
"dateUpdated": "2026-02-10T19:17:02.296Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1850 (GCVE-0-2026-1850)
Vulnerability from cvelistv5 – Published: 2026-02-10 18:49 – Updated: 2026-02-10 19:18
VLAI?
Title
An authorized user may disable the MongoDB server by issuing a certain type of complex query due to boolean expression simplification
Summary
Complex queries can cause excessive memory usage in MongoDB Query Planner resulting in an Out-Of-Memory Crash.
Severity ?
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
8.0 , < 8.0.18
(semver)
Affected: 8.2 , < 8.2.4 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1850",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T19:18:16.858032Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T19:18:26.224Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "8.0.18",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"lessThan": "8.2.4",
"status": "affected",
"version": "8.2",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Complex queries can cause excessive memory usage in MongoDB Query Planner resulting in an Out-Of-Memory Crash.\u003cbr\u003e"
}
],
"value": "Complex queries can cause excessive memory usage in MongoDB Query Planner resulting in an Out-Of-Memory Crash."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T18:49:32.084Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-114126"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "An authorized user may disable the MongoDB server by issuing a certain type of complex query due to boolean expression simplification",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2026-1850",
"datePublished": "2026-02-10T18:49:32.084Z",
"dateReserved": "2026-02-03T18:21:53.785Z",
"dateUpdated": "2026-02-10T19:18:26.224Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25609 (GCVE-0-2026-25609)
Vulnerability from cvelistv5 – Published: 2026-02-10 18:39 – Updated: 2026-02-10 19:52
VLAI?
Title
profile command may permit unauthorized configuration
Summary
Incorrect validation of the profile command may result in the determination that a request altering the 'filter' is read-only.
Severity ?
5.4 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
8.2 , < 8.2.4
(semver)
Affected: 8.0 , < 8.0.18 (semver) Affected: 7.0 , < 7.0.29 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25609",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T19:37:32.976979Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T19:52:07.572Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "8.2.4",
"status": "affected",
"version": "8.2",
"versionType": "semver"
},
{
"lessThan": "8.0.18",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"lessThan": "7.0.29",
"status": "affected",
"version": "7.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect validation of the profile command may result in the determination that a request altering the \u0027filter\u0027 is read-only.\u003cbr\u003e"
}
],
"value": "Incorrect validation of the profile command may result in the determination that a request altering the \u0027filter\u0027 is read-only."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T18:39:11.201Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-112952"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "profile command may permit unauthorized configuration",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2026-25609",
"datePublished": "2026-02-10T18:39:11.201Z",
"dateReserved": "2026-02-03T18:21:58.985Z",
"dateUpdated": "2026-02-10T19:52:07.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25610 (GCVE-0-2026-25610)
Vulnerability from cvelistv5 – Published: 2026-02-10 18:30 – Updated: 2026-02-10 20:29
VLAI?
Title
Invalid $geoNear index hint may cause server crash
Summary
An authorized user may trigger a server crash by running a $geoNear pipeline with certain invalid index hints.
Severity ?
CWE
- CWE-617 - Reachable Assertion
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
8.0 , < 8.0.13
(semver)
Affected: 7.0 , < 7.0.29 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25610",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T20:29:38.183923Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T20:29:51.688Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "8.0.13",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"lessThan": "7.0.29",
"status": "affected",
"version": "7.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An authorized user may trigger a server crash by running a $geoNear pipeline with certain invalid index hints.\u003cbr\u003e"
}
],
"value": "An authorized user may trigger a server crash by running a $geoNear pipeline with certain invalid index hints."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-617",
"description": "CWE-617 Reachable Assertion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T18:30:40.756Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-99119"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Invalid $geoNear index hint may cause server crash",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2026-25610",
"datePublished": "2026-02-10T18:30:40.756Z",
"dateReserved": "2026-02-03T18:21:58.985Z",
"dateUpdated": "2026-02-10T20:29:51.688Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1848 (GCVE-0-2026-1848)
Vulnerability from cvelistv5 – Published: 2026-02-10 18:22 – Updated: 2026-02-11 15:17
VLAI?
Title
Connections received from the proxy port may not count towards total accepted connections
Summary
Connections received from the proxy port may not count towards total accepted connections, resulting in server crashes if the total number of connections exceeds available resources. This only applies to connections accepted from the proxy port, pending the proxy protocol header.
Severity ?
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
8.2 , < 8.2.4
(semver)
Affected: 8.0 , < 8.0.18 (semver) Affected: 7.0 , < 7.0.29 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1848",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-11T15:16:52.444535Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-11T15:17:01.970Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "8.2.4",
"status": "affected",
"version": "8.2",
"versionType": "semver"
},
{
"lessThan": "8.0.18",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"lessThan": "7.0.29",
"status": "affected",
"version": "7.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Connections received from the proxy port may not count towards total accepted connections, resulting in server crashes if the total number of connections exceeds available resources. This only applies to connections accepted from the proxy port, pending the proxy protocol header.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Connections received from the proxy port may not count towards total accepted connections, resulting in server crashes if the total number of connections exceeds available resources. This only applies to connections accepted from the proxy port, pending the proxy protocol header."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T18:22:41.971Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-114695"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Connections received from the proxy port may not count towards total accepted connections",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2026-1848",
"datePublished": "2026-02-10T18:22:41.971Z",
"dateReserved": "2026-02-03T18:21:51.892Z",
"dateUpdated": "2026-02-11T15:17:01.970Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1847 (GCVE-0-2026-1847)
Vulnerability from cvelistv5 – Published: 2026-02-10 18:16 – Updated: 2026-02-10 20:12
VLAI?
Title
MongoDB Server may crash when inserting large documents
Summary
Inserting certain large documents into a replica set could lead to replica set secondaries not being able to fetch the oplog from the primary. This could stall replication inside the replica set leading to server crash.
Severity ?
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
8.0 , < 8.0.18
(semver)
Affected: 7.0 , < 7.0.29 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1847",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T20:11:52.934322Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T20:12:18.968Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "8.0.18",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"lessThan": "7.0.29",
"status": "affected",
"version": "7.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Inserting certain large documents into a replica set could lead to replica set secondaries not being able to fetch the oplog from the primary. This could stall replication inside the replica set leading to server crash."
}
],
"value": "Inserting certain large documents into a replica set could lead to replica set secondaries not being able to fetch the oplog from the primary. This could stall replication inside the replica set leading to server crash."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T18:16:24.739Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-113532"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "MongoDB Server may crash when inserting large documents",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2026-1847",
"datePublished": "2026-02-10T18:16:24.739Z",
"dateReserved": "2026-02-03T18:21:50.648Z",
"dateUpdated": "2026-02-10T20:12:18.968Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25612 (GCVE-0-2026-25612)
Vulnerability from cvelistv5 – Published: 2026-02-10 18:05 – Updated: 2026-02-10 18:59
VLAI?
Title
Internal ResourceId collision may affect unrelated collections
Summary
The internal locking mechanism of the MongoDB server uses an internal encoding of the resources in order to choose what lock to take. Collections may inadvertently collide with one another in this representation causing unavailability between them due to conflicting locks.
Severity ?
CWE
- CWE-412 - Unrestricted Externally Accessible Lock
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
8.2 , < 8.2.4
(semver)
Affected: 8.0 , < 8.0.18 (semver) Affected: 7.0 , < 7.0.29 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25612",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T18:59:20.305133Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T18:59:27.442Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "8.2.4",
"status": "affected",
"version": "8.2",
"versionType": "semver"
},
{
"lessThan": "8.0.18",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"lessThan": "7.0.29",
"status": "affected",
"version": "7.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The internal locking mechanism of the MongoDB server uses an internal encoding of the resources in order to choose what lock to take. Collections may inadvertently collide with one another in this representation causing unavailability between them due to conflicting locks."
}
],
"value": "The internal locking mechanism of the MongoDB server uses an internal encoding of the resources in order to choose what lock to take. Collections may inadvertently collide with one another in this representation causing unavailability between them due to conflicting locks."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-412",
"description": "CWE-412 Unrestricted Externally Accessible Lock",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T18:05:23.851Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-114838"
},
{
"url": "https://jira.mongodb.org/browse/SERVER-115296"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Internal ResourceId collision may affect unrelated collections",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2026-25612",
"datePublished": "2026-02-10T18:05:23.851Z",
"dateReserved": "2026-02-03T18:21:58.986Z",
"dateUpdated": "2026-02-10T18:59:27.442Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25611 (GCVE-0-2026-25611)
Vulnerability from cvelistv5 – Published: 2026-02-10 17:52 – Updated: 2026-02-11 15:21
VLAI?
Title
Pre-Authentication Memory Exhaustion Denial of Service in MongoDB Server
Summary
A series of specifically crafted, unauthenticated messages can exhaust available memory and crash a MongoDB server.
Severity ?
CWE
- CWE-405 - Asymmetric Resource Consumption (Amplification)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
8.2 , < 8.2.4
(semver)
Affected: 8.0 , < 8.0.18 (semver) Affected: 7.0 , < 7.0.29 (semver) |
Credits
Vitaly Simonovich
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25611",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-11T15:20:57.244281Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-11T15:21:16.207Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "8.2.4",
"status": "affected",
"version": "8.2",
"versionType": "semver"
},
{
"lessThan": "8.0.18",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"lessThan": "7.0.29",
"status": "affected",
"version": "7.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Vitaly Simonovich"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A series of specifically crafted, unauthenticated messages can exhaust available memory and crash a MongoDB server."
}
],
"value": "A series of specifically crafted, unauthenticated messages can exhaust available memory and crash a MongoDB server."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-405",
"description": "CWE-405 Asymmetric Resource Consumption (Amplification)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T17:52:47.181Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-116210"
},
{
"url": "https://jira.mongodb.org/browse/SERVER-116206"
},
{
"url": "https://jira.mongodb.org/browse/SERVER-116211"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Pre-Authentication Memory Exhaustion Denial of Service in MongoDB Server",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2026-25611",
"datePublished": "2026-02-10T17:52:47.181Z",
"dateReserved": "2026-02-03T18:21:58.986Z",
"dateUpdated": "2026-02-11T15:21:16.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10491 (GCVE-0-2025-10491)
Vulnerability from cvelistv5 – Published: 2025-09-15 16:04 – Updated: 2025-09-16 03:55
VLAI?
Title
MongoDB Windows installation MSI may leave ACLs unset on custom installation directories
Summary
The MongoDB Windows installation MSI may leave ACLs unset on custom installation directories allowing a local attacker to introduce executable code to MongoDB's process via DLL hijacking. This issue affects MongoDB Server v6.0 version prior to 6.0.25, MongoDB Server v7.0 version prior to 7.0.21 and MongoDB Server v8.0 version prior to 8.0.5
Severity ?
7.8 (High)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
6.0 , < 6.0.25
(custom)
Affected: 7.0 , < 7.0.21 (custom) Affected: 8.0 , < 8.0.5 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10491",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-15T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-16T03:55:21.417Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "6.0.25",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"lessThan": "7.0.21",
"status": "affected",
"version": "7.0",
"versionType": "custom"
},
{
"lessThan": "8.0.5",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe MongoDB Windows installation MSI may leave ACLs unset on custom installation directories allowing a local attacker to introduce executable code to MongoDB\u0027s process via DLL hijacking. This issue affects MongoDB Server v6.0 version prior to 6.0.25, MongoDB Server v7.0 version prior to 7.0.21 and MongoDB Server v8.0 version prior to 8.0.5\u003c/p\u003e"
}
],
"value": "The MongoDB Windows installation MSI may leave ACLs unset on custom installation directories allowing a local attacker to introduce executable code to MongoDB\u0027s process via DLL hijacking. This issue affects MongoDB Server v6.0 version prior to 6.0.25, MongoDB Server v7.0 version prior to 7.0.21 and MongoDB Server v8.0 version prior to 8.0.5"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-15T16:04:54.221Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-51366"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "MongoDB Windows installation MSI may leave ACLs unset on custom installation directories",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2025-10491",
"datePublished": "2025-09-15T16:04:54.221Z",
"dateReserved": "2025-09-15T15:57:35.554Z",
"dateUpdated": "2025-09-16T03:55:21.417Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10061 (GCVE-0-2025-10061)
Vulnerability from cvelistv5 – Published: 2025-09-05 20:48 – Updated: 2025-09-05 21:08
VLAI?
Title
Malformed $group Query May Cause MongoDB Server to Crash
Summary
An authorized user can cause a crash in the MongoDB Server through a specially crafted $group query. This vulnerability is related to the incorrect handling of certain accumulator functions when additional parameters are specified within the $group operation. This vulnerability could lead to denial of service if triggered repeatedly. This issue affects MongoDB Server v6.0 versions prior to 6.0.25, MongoDB Server v7.0 versions prior to 7.0.22, MongoDB Server v8.0 versions prior to 8.0.12 and MongoDB Server v8.1 versions prior to 8.1.2
Severity ?
6.5 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
6.0 , < 6.0.25
(custom)
Affected: 7.0 , < 7.0.22 (custom) Affected: 8.0 , < 8.0.12 (custom) Affected: 8.1 , < 8.1.2 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10061",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-05T21:07:15.019864Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T21:08:44.186Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "6.0.25",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"lessThan": "7.0.22",
"status": "affected",
"version": "7.0",
"versionType": "custom"
},
{
"lessThan": "8.0.12",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "8.1.2",
"status": "affected",
"version": "8.1",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An authorized user can cause a crash in the MongoDB Server through a specially crafted $group query. This vulnerability is related to the incorrect handling of certain accumulator functions when additional parameters are specified within the $group operation. This vulnerability could lead to denial of service if triggered repeatedly. This issue affects MongoDB Server v6.0 versions prior to 6.0.25, MongoDB Server v7.0 versions prior to 7.0.22, MongoDB Server v8.0 versions prior to 8.0.12 and MongoDB Server v8.1 versions prior to 8.1.2"
}
],
"value": "An authorized user can cause a crash in the MongoDB Server through a specially crafted $group query. This vulnerability is related to the incorrect handling of certain accumulator functions when additional parameters are specified within the $group operation. This vulnerability could lead to denial of service if triggered repeatedly. This issue affects MongoDB Server v6.0 versions prior to 6.0.25, MongoDB Server v7.0 versions prior to 7.0.22, MongoDB Server v8.0 versions prior to 8.0.12 and MongoDB Server v8.1 versions prior to 8.1.2"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T20:48:25.215Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-99616"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Malformed $group Query May Cause MongoDB Server to Crash",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2025-10061",
"datePublished": "2025-09-05T20:48:25.215Z",
"dateReserved": "2025-09-05T20:41:48.167Z",
"dateUpdated": "2025-09-05T21:08:44.186Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10060 (GCVE-0-2025-10060)
Vulnerability from cvelistv5 – Published: 2025-09-05 20:39 – Updated: 2025-09-05 21:08
VLAI?
Title
MongoDB may be susceptible to Invariant Failure in Transactions due Upsert Operation
Summary
MongoDB Server may allow upsert operations retried within a transaction to violate unique index constraints, potentially causing an invariant failure and server crash during commit. This issue may be triggered by improper WriteUnitOfWork state management. This issue affects MongoDB Server v6.0 versions prior to 6.0.25, MongoDB Server v7.0 versions prior to 7.0.22 and MongoDB Server v8.0 versions prior to 8.0.12
Severity ?
6.5 (Medium)
CWE
- CWE-672 - Operation on a Resource after Expiration or Release
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
6.0 , < 6.0.25
(custom)
Affected: 7.0 , < 7.0.22 (custom) Affected: 8.0 , < 8.0.12 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10060",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-05T21:07:23.024155Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T21:08:05.687Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "6.0.25",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"lessThan": "7.0.22",
"status": "affected",
"version": "7.0",
"versionType": "custom"
},
{
"lessThan": "8.0.12",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "MongoDB Server may allow upsert operations retried within a transaction to violate unique index constraints, potentially causing an invariant failure and server crash during commit. This issue may be triggered by improper WriteUnitOfWork state management. This issue affects MongoDB Server v6.0 versions prior to 6.0.25, MongoDB Server v7.0 versions prior to 7.0.22 and MongoDB Server v8.0 versions prior to 8.0.12"
}
],
"value": "MongoDB Server may allow upsert operations retried within a transaction to violate unique index constraints, potentially causing an invariant failure and server crash during commit. This issue may be triggered by improper WriteUnitOfWork state management. This issue affects MongoDB Server v6.0 versions prior to 6.0.25, MongoDB Server v7.0 versions prior to 7.0.22 and MongoDB Server v8.0 versions prior to 8.0.12"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-672",
"description": "CWE-672 Operation on a Resource after Expiration or Release",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T20:39:14.188Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-95524"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "MongoDB may be susceptible to Invariant Failure in Transactions due Upsert Operation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2025-10060",
"datePublished": "2025-09-05T20:39:14.188Z",
"dateReserved": "2025-09-05T20:28:10.874Z",
"dateUpdated": "2025-09-05T21:08:05.687Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10059 (GCVE-0-2025-10059)
Vulnerability from cvelistv5 – Published: 2025-09-05 20:26 – Updated: 2025-09-05 20:44
VLAI?
Title
MongoDB Server router will crash when incorrect lsid is set on a sharded query
Summary
An improper setting of the lsid field on any sharded query can cause a crash in MongoDB routers. This issue occurs when a generic argument (lsid) is provided in a case when it is not applicable. This affects MongoDB Server v6.0 versions prior to 6.0.x, MongoDB Server v7.0 versions prior to 7.0.18 and MongoDB Server v8.0 versions prior to 8.0.6.
Severity ?
6.5 (Medium)
CWE
- CWE-732 - Incorrect Permission Assignment for Critical Resource
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
6.0 , < 6.0.24
(custom)
Affected: 7.0 , < 7.0.18 (custom) Affected: 8.0 , < 8.0.6 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10059",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-05T20:43:05.307135Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T20:44:22.665Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThan": "6.0.24",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"lessThan": "7.0.18",
"status": "affected",
"version": "7.0",
"versionType": "custom"
},
{
"lessThan": "8.0.6",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eAn improper setting of the lsid field on any sharded query can cause a crash in MongoDB routers. This issue occurs when a generic argument (lsid) is provided in a case when it is not applicable. This affects MongoDB Server v6.0 versions prior to 6.0.x, MongoDB Server v7.0 versions prior to 7.0.18 and MongoDB Server v8.0 versions prior to 8.0.6.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "An improper setting of the lsid field on any sharded query can cause a crash in MongoDB routers. This issue occurs when a generic argument (lsid) is provided in a case when it is not applicable. This affects MongoDB Server v6.0 versions prior to 6.0.x, MongoDB Server v7.0 versions prior to 7.0.18 and MongoDB Server v8.0 versions prior to 8.0.6."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T20:26:52.612Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-100901"
},
{
"url": "https://jira.mongodb.org/browse/SERVER-100909"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "MongoDB Server router will crash when incorrect lsid is set on a sharded query",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2025-10059",
"datePublished": "2025-09-05T20:26:52.612Z",
"dateReserved": "2025-09-05T20:10:54.977Z",
"dateUpdated": "2025-09-05T20:44:22.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-7259 (GCVE-0-2025-7259)
Vulnerability from cvelistv5 – Published: 2025-07-07 15:59 – Updated: 2025-07-07 16:13
VLAI?
Title
Certain Queries with Duplicate _id Fields May Cause MongoDB Server to Crash
Summary
An authorized user can issue queries with duplicate _id fields, that leads to unexpected behavior in MongoDB Server, which may result to crash. This issue can only be triggered by authorized users and cause Denial of Service. This issue affects MongoDB Server v8.1 version 8.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MongoDB Inc | MongoDB Server |
Affected:
8.1 , ≤ 8.1.0
(custom)
cpe:2.3:a:mongodb:mongodb:8.1.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7259",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-07T16:13:43.106144Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-07T16:13:48.353Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:mongodb:mongodb:8.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "MongoDB Server",
"vendor": "MongoDB Inc",
"versions": [
{
"lessThanOrEqual": "8.1.0",
"status": "affected",
"version": "8.1",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-07-07T15:06:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn authorized user can issue queries with duplicate _id fields, that leads to unexpected behavior in MongoDB Server, which may result to crash. This issue can only be triggered by authorized users and cause Denial of Service. This issue affects MongoDB Server v8.1 version 8.1.0.\u003c/p\u003e"
}
],
"value": "An authorized user can issue queries with duplicate _id fields, that leads to unexpected behavior in MongoDB Server, which may result to crash. This issue can only be triggered by authorized users and cause Denial of Service. This issue affects MongoDB Server v8.1 version 8.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843: Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-07T15:59:01.902Z",
"orgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"shortName": "mongodb"
},
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-102693"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Certain Queries with Duplicate _id Fields May Cause MongoDB Server to Crash",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
"assignerShortName": "mongodb",
"cveId": "CVE-2025-7259",
"datePublished": "2025-07-07T15:59:01.902Z",
"dateReserved": "2025-07-07T15:05:32.437Z",
"dateUpdated": "2025-07-07T16:13:48.353Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}