EUVD-2026-35866

🗓️ 10 Jun 2026 00:31:50Reported by EUVDType

Authenticated users can crash the database or get wrong results by documents that disturb metadata.

Reporter	Title	Published	Views	Family All 4
CVE	CVE-2026-9750	9 Jun 202622:17	–	cve
Cvelist	CVE-2026-9750 Metadata name collision on $-prefixed fields causes post-auth server crash	9 Jun 202622:17	–	cvelist
NVD	CVE-2026-9750	9 Jun 202623:17	–	nvd
Positive Technologies	PT-2026-48300	9 Jun 202600:00	–	ptsecurity

[
  {
    "enisaIdVendor": [
      {
        "id": "ac612737-5a93-386d-b104-084200d70dbd",
        "vendor": {
          "name": "MONGODB"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "30f19893-ef3f-3043-ab06-1369a14c2077",
        "product": {
          "name": "MongoDB Server",
          "vendor": {
            "name": "MongoDB, Inc."
          }
        },
        "product_version": "8.0.0 <8.0.24"
      },
      {
        "id": "88069997-e064-37f2-9230-010d2dcd5412",
        "product": {
          "name": "MongoDB Server",
          "vendor": {
            "name": "MongoDB, Inc."
          }
        },
        "product_version": "7.0.0 <7.0.35"
      },
      {
        "id": "8ed1556a-fff0-3dbb-8984-d0286d02541e",
        "product": {
          "name": "MongoDB Server",
          "vendor": {
            "name": "MongoDB, Inc."
          }
        },
        "product_version": "8.2.0 <8.2.10"
      },
      {
        "id": "f6dcdae3-bab0-3b09-b1d9-c304890c6c11",
        "product": {
          "name": "MongoDB Server",
          "vendor": {
            "name": "MongoDB, Inc."
          }
        },
        "product_version": "8.3.0 <8.3.3"
      }
    ]
  }
]

Source	Link
jira	www.jira.mongodb.org/browse/SERVER-123633
nvd	www.nvd.nist.gov/vuln/detail/CVE-2026-9750

10 Jun 2026 00:31Current

5.7Medium risk

Vulners AI Score5.7

CVSS 47.1

CVSS 3.16.5