CVE-2026-9741

A bug in query analysis processing of the $vectorSearch aggregation stage for Queryable Encryption QE or Client-Side Field Level Encryption CSFLE results in literal values for encrypted fields within the $vectorSearch stage filter expressions to be sent to the server as plaintext instead of...

CVE-2026-9741

A bug in query analysis processing of the $vectorSearch aggregation stage for Queryable Encryption QE or Client-Side Field Level Encryption CSFLE results in literal values for encrypted fields within the $vectorSearch stage filter expressions to be sent to the server as plaintext instead of...

UBUNTU-CVE-2026-9741

A bug in query analysis processing of the $vectorSearch aggregation stage for Queryable Encryption QE or Client-Side Field Level Encryption CSFLE results in literal values for encrypted fields within the $vectorSearch stage filter expressions to be sent to the server as plaintext instead of...

CVE-2026-9741 Client side encryption fails to encrypt values in a $vectorSearch

A bug in query analysis processing of the $vectorSearch aggregation stage for Queryable Encryption QE or Client-Side Field Level Encryption CSFLE results in literal values for encrypted fields within the $vectorSearch stage filter expressions to be sent to the server as plaintext instead of...

MongoDB Server 安全漏洞

MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a security vulnerability in MongoDB Server, which stems from the...

PT-2026-48289

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A bug in the query analysis processing of the $vectorSearch aggregation stage for Queryable Encryption QE or Client-Side Field Level Encryption CSFLE causes...

BIT-MONGODB-2026-8201 Use-After-Free in MongoDB FLE Query Analysis When Processing Positional Projections on Encrypted Fields

A use-after-free vulnerability exists in MongoDB's Field-Level Encryption FLE query analysis component, affecting client-side uses of mongocryptd and cryptshared. Triggering this vulnerability requires control over the structure of a client's FLE-related query. This issue impacts MongoDB Server’s...

CVE-2026-8201

A use-after-free vulnerability exists in MongoDB’s Field-Level Encryption (FLE) query analysis component, affecting client-side uses of mongocryptd and crypt_shared. Triggering the issue requires control over the structure of a client’s FLE-related query. Affected MongoDB Server components and ve...

strongMan 安全漏洞

strongMan is an API developed by strongSwan. Versions of strongMan prior to 0.2.0 contained a security vulnerability. This vulnerability stemmed from the lack of a separate initialization vector when encrypting database fields, which could lead to credential leakage...

EUVD-2024-48885

Malicious code in bioql PyPI...

CVE-2024-8013

A bug in query analysis of certain complex self-referential $lookup subpipelines may result in literal values in expressions for encrypted fields to be sent to the server as plaintext instead of ciphertext. Should this occur, no documents would be returned or written. This issue affects mongocryp...

CVE-2024-8013 CSFLE and Queryable Encryption self-lookup may fail to encrypt values in subpipelines

A bug in query analysis of certain complex self-referential $lookup subpipelines may result in literal values in expressions for encrypted fields to be sent to the server as plaintext instead of ciphertext. Should this occur, no documents would be returned or written. This issue affects mongocryp...

pulp_ansible 安全漏洞

pulpansible is a Pulp open source plugin that supports hosting Role and Collection Ansible content. A security vulnerability exists in pulpansible that stems from storing tokens in plaintext instead of using Pulp's encrypted fields...