450 matches found
CVE-2026-25613
An authorized user may disable the MongoDB server by issuing a query against a collection that contains an invalid compound wildcard index...
CVE-2026-1847
CVE-2026-1847 concerns MongoDB replica sets: inserting certain large documents can cause secondaries to fail fetching the oplog from the primary, potentially stalling replication and leading to a server crash. The entry provides CVSS 3.1 (base 6.5, MEDIUM) with network attack vector and low compl...
CVE-2026-25611 Pre-Authentication Memory Exhaustion Denial of Service in MongoDB Server
A series of specifically crafted, unauthenticated messages can exhaust available memory and crash a MongoDB server...
CVE-2026-25611
CVE-2026-25611 affects MongoDB server. It describes a denial-of-service vector where a series of specifically crafted, unauthenticated messages can exhaust memory and crash the server. The entry provides CVSS metrics (3.1/7.5 HIGH and 4.0/8.7 HIGH) indicating network-based, unauthenticated impact...
CVE-2026-25611
A series of specifically crafted, unauthenticated messages can exhaust available memory and crash a MongoDB server...
CVE-2026-25611 Pre-Authentication Memory Exhaustion Denial of Service in MongoDB Server
A series of specifically crafted, unauthenticated messages can exhaust available memory and crash a MongoDB server...
Pre-Authentication Memory Exhaustion Denial of Service in MongoDB Server
A series of specifically crafted, unauthenticated messages can exhaust available memory and crash a MongoDB server...
MongoDB Server 安全漏洞
MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a security vulnerability in MongoDB Server, where connections received...
PT-2026-7433
Name of the Vulnerable Software and Affected Versions MongoDB Server affected versions not specified Description The MongoDB Server may encounter an out-of-memory failure when processing expressions that result in deeply nested documents. This occurs due to a lack of periodic depth checks within...
MongoDB Server 安全漏洞
MongoDB Server is an open-source NoSQL database developed by MongoDB, a company based in the United States. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a security vulnerability in MongoDB Server, which ste...
MongoDB Server 安全漏洞
MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a security vulnerability in MongoDB Server, which stems from authorized...
MongoDB Server 安全漏洞
MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a security vulnerability in MongoDB Server, which stems from incorrect...
MongoDB Server 安全漏洞
MongoDB Server is an open-source NoSQL database developed by MongoDB, a company based in the United States. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a security vulnerability in MongoDB Server, which ste...
MongoDB Server 安全漏洞
MongoDB Server is an open-source NoSQL database developed by MongoDB, a company based in the United States. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a security vulnerability in MongoDB Server, which ste...
MongoDB Server -- CWE-704 Incorrect Type Conversion or Cast
https://jira.mongodb.org/browse/SERVER-113685 reports: An authorized user may disable the MongoDB server by issuing a query against a collection that contains an invalid compound wildcard index...
MongoDB Server 安全漏洞
MongoDB Server is an open-source NoSQL database developed by MongoDB, a company based in the United States. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a security vulnerability in MongoDB Server, which ste...
MongoDB Server -- CWE-617 Reachable Assertion
https://jira.mongodb.org/browse/SERVER-99119 reports: An authorized user may trigger a server crash by running a $geoNear pipeline with certain invalid index hints...
MongoDB and MongoDB Server Improper Handling of Length Parameter Inconsistency Vulnerability
MongoDB Server contains an improper handling of length parameter inconsistency vulnerability in Zlib compressed protocol headers. This vulnerability may allow a read of uninitialized heap memory by an unauthenticated client...
CVE-2025-14847
Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue affects all MongoDB Server v7.0 prior to 7.0.28 versions, MongoDB Server v8.0 versions prior to 8.0.17, MongoDB Server v8.2 versions prior to 8.2.3,...
EUVD-2025-204529
Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue affects all MongoDB Server v7.0 prior to 7.0.28 versions, MongoDB Server v8.0 versions prior to 8.0.17, MongoDB Server v8.2 versions prior to 8.2.3,...