PT-2026-41131

Name of the Vulnerable Software and Affected Versions MongoDB PHP driver affected versions not specified Description A stack exhaustion issue occurs when processing deeply nested BSON Binary JSON documents. This can lead to application crashes in unusual circumstances, specifically when the BSON...

📄 MongoDB BSON Decompression OP_COMPRESSED Memory Disclosure

This Metasploit module demonstrates an educational memory leak in MongoDB BSON decompression. It sends malformed BSON in OPCOMPRESSED messages to trigger memory disclosure. Quite a huge list of versions are affected...

RHEL 6 : mongodb (RHSA-2014:0230)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:0230 advisory. MongoDB is a NoSQL database. A buffer over-read flaw was found in the way MongoDB handled BSON data. A database user permitted to insert BSON data in...

Out-of-bounds Read

pymongo is vulnerable to Out-of-bounds Read. The vulnerability is due to improper validation of encoded BSON data during the deserialization process, which allows an attacker to submit a crafting payload resulting in an out-of-bounds read...