CVE-2026-25611

🗓️ 10 Feb 2026 17:52:47Reported by mongodbType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 10 Views

Pre-authentication memory exhaustion DoS in MongoDB Server caused by unauthenticated messages.

Reporter	Title	Published	Views	Family All 14
ATTACKERKB	CVE-2026-25611	10 Feb 202617:52	–	attackerkb
Circl	CVE-2026-25611	10 Feb 202618:35	–	circl
CNNVD	MongoDB Server 安全漏洞	10 Feb 202600:00	–	cnnvd
Cvelist	CVE-2026-25611 Pre-Authentication Memory Exhaustion Denial of Service in MongoDB Server	10 Feb 202617:52	–	cvelist
MongoDB	Pre-Authentication Memory Exhaustion Denial of Service in MongoDB Server	10 Feb 202617:52	–	mongodb
NVD	CVE-2026-25611	10 Feb 202618:16	–	nvd
OSV	UBUNTU-CVE-2026-25611	10 Feb 202618:16	–	osv
Positive Technologies	PT-2026-7415	10 Feb 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-25611	11 Feb 202619:44	–	redhatcve
Redos	ROS-20260311-73-0005	11 Mar 202600:00	–	redos

[
  {
    "defaultStatus": "unaffected",
    "product": "MongoDB Server",
    "vendor": "MongoDB Inc",
    "versions": [
      {
        "lessThan": "8.2.4",
        "status": "affected",
        "version": "8.2",
        "versionType": "semver"
      },
      {
        "lessThan": "8.0.18",
        "status": "affected",
        "version": "8.0",
        "versionType": "semver"
      },
      {
        "lessThan": "7.0.29",
        "status": "affected",
        "version": "7.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
jira	www.jira.mongodb.org/browse/SERVER-116206
jira	www.jira.mongodb.org/browse/SERVER-116211
jira	www.jira.mongodb.org/browse/SERVER-116210

15 Apr 2026 00:35Current

5.5Medium risk

Vulners AI Score5.5

CVSS 3.17.5

CVSS 48.7

EPSS0.00056

SSVC

CWE-405