CVE-2026-25612 Internal ResourceId collision may affect unrelated collections

🗓️ 10 Feb 2026 18:05:23Reported by mongodbType

CVE-2026-25612: internal ResourceId collisions in MongoDB may cause collection lock conflicts.

Reporter	Title	Published	Views	Family All 12
ATTACKERKB	CVE-2026-25612	10 Feb 202618:05	–	attackerkb
CNNVD	MongoDB Server 安全漏洞	10 Feb 202600:00	–	cnnvd
CVE	CVE-2026-25612	10 Feb 202618:05	–	cve
MongoDB	Internal ResourceId collision may affect unrelated collections	10 Feb 202618:05	–	mongodb
NVD	CVE-2026-25612	10 Feb 202618:16	–	nvd
OSV	UBUNTU-CVE-2026-25612	10 Feb 202618:16	–	osv
Positive Technologies	PT-2026-7416	4 Dec 202500:00	–	ptsecurity
RedhatCVE	CVE-2026-25612	11 Feb 202619:44	–	redhatcve
Redos	ROS-20260311-73-0006	11 Mar 202600:00	–	redos
UbuntuCve	CVE-2026-25612	10 Feb 202618:16	–	ubuntucve

[
  {
    "defaultStatus": "unaffected",
    "product": "MongoDB Server",
    "vendor": "MongoDB Inc",
    "versions": [
      {
        "lessThan": "8.2.4",
        "status": "affected",
        "version": "8.2",
        "versionType": "semver"
      },
      {
        "lessThan": "8.0.18",
        "status": "affected",
        "version": "8.0",
        "versionType": "semver"
      },
      {
        "lessThan": "7.0.29",
        "status": "affected",
        "version": "7.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
jira	www.jira.mongodb.org/browse/SERVER-115296
jira	www.jira.mongodb.org/browse/SERVER-114838

10 Feb 2026 18:05Current

CVSS 3.16.5

CVSS 47.1

EPSS0.00046

CWE-412