Lucene search
K

32 matches found

OSV
OSV
added 2026/06/16 11:48 a.m.5 views

BIT-MONGODB-2026-9747 Crafted cross-shard merge aggregation crashes MongoDB Server

Adding fromRouter:true and runtimeConstants.userRoles could cause aggregations to crash mongodb server...

7.1CVSS5.2AI score0.0027EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/09 10:5 p.m.9 views

CVE-2026-9747 Crafted cross-shard merge aggregation crashes MongoDB Server

Adding fromRouter:true and runtimeConstants.userRoles could cause aggregations to crash mongodb server...

7.1CVSS5.4AI score0.0027EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 10:5 p.m.86 views

CVE-2026-9747

The vulnerability CVE-2026-9747 affects MongoDB Server’s cross-shard merge aggregation. When building aggregations, using fromRouter:true with runtimeConstants.userRoles may cause the server to crash. The connected documentation confirms the issue but provides no details on mitigations; exploitat...

7.1CVSS5.5AI score0.0027EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/09 10:5 p.m.43 views

CVE-2026-9747 Crafted cross-shard merge aggregation crashes MongoDB Server

Adding fromRouter:true and runtimeConstants.userRoles could cause aggregations to crash mongodb server...

7.1CVSS0.0027EPSS
Exploits0References1
MongoDB
MongoDB
added 2026/06/09 10:5 p.m.12 views

Crafted cross-shard merge aggregation crashes MongoDB Server

Adding fromRouter:true and runtimeConstants.userRoles could cause aggregations to crash mongodb server...

7.1CVSS5.4AI score0.0027EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/05/13 8:9 a.m.6 views

BIT-MONGODB-2025-14345 Cross-Shard Failovers May Lead to Partial Transaction Commit in MongoDB Server

A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction...

5.4CVSS5.8AI score0.002EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/12/15 9:29 p.m.11 views

CVE-2025-14345

A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction...

5.4CVSS6.7AI score0.002EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/11 12:0 a.m.4 views

FreeBSD : MongoDB Server -- Improper Locking (c11e0878-d6a8-11f0-8e1b-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c11e0878-d6a8-11f0-8e1b-b42e991fc52e advisory. https://jira.mongodb.org/browse/SERVER-106075 reports: A post-authenticationflaw in the network two-pha...

5.4CVSS5.5AI score0.002EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/09 6:30 p.m.5 views

EUVD-2025-201945

A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction...

4.2CVSS6.2AI score0.002EPSS
Exploits0References2
NVD
NVD
added 2025/12/09 4:17 p.m.3 views

CVE-2025-14345

A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction...

5.4CVSS0.002EPSS
Exploits0References1
OSV
OSV
added 2025/12/09 4:17 p.m.4 views

UBUNTU-CVE-2025-14345

A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction...

5.4CVSS5.8AI score0.002EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/09 3:0 p.m.2 views

CVE-2025-14345 Cross-Shard Failovers May Lead to Partial Transaction Commit in MongoDB Server

A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction...

4.2CVSS6.3AI score0.002EPSS
Exploits0References1
OSV
OSV
added 2025/12/09 3:0 p.m.4 views

CVE-2025-14345 Cross-Shard Failovers May Lead to Partial Transaction Commit in MongoDB Server

A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction...

2.3CVSS5.9AI score0.002EPSS
Exploits0References3
CVE
CVE
added 2025/12/09 3:0 p.m.512 views

CVE-2025-14345

CVE-2025-14345 describes a post-authentication flaw in MongoDB Server’s network two‑phase commit protocol used for cross‑shard transactions. The issue can cause the transaction coordination logic to misinterpret a transaction as committed, leading to inconsistent shard state and potential low int...

5.4CVSS6.3AI score0.002EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/12/09 3:0 p.m.24 views

CVE-2025-14345 Cross-Shard Failovers May Lead to Partial Transaction Commit in MongoDB Server

A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction...

4.2CVSS0.002EPSS
Exploits0References1
MongoDB
MongoDB
added 2025/12/09 3:0 p.m.8 views

Cross-Shard Failovers May Lead to Partial Transaction Commit in MongoDB Server

A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction...

5.4CVSS6.8AI score0.002EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.3 views

PT-2025-49980

Name of the Vulnerable Software and Affected Versions MongoDB Server versions prior to 8.0.16 MongoDB Server versions prior to 7.0.26 MongoDB Server versions prior to 8.2.2 Description A flaw exists in the network two-phase commit protocol used for cross-shard transactions. This issue can lead to...

5.4CVSS5.8AI score0.002EPSS
Exploits0References12
FreeBSD
FreeBSD
added 2025/12/09 12:0 a.m.7 views

MongoDB Server -- Improper Locking

https://jira.mongodb.org/browse/SERVER-106075 reports: A post-authenticationflaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short...

5.4CVSS6.9AI score0.002EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.19 views

EUVD-2023-1740

Malicious code in bioql PyPI...

8.6CVSS7.8AI score0.00565EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.19 views

EUVD-2022-7694

Malicious code in bioql PyPI...

7.2CVSS6.6AI score0.00724EPSS
Exploits0References5
Rows per page
Query Builder