Lucene search
K

4 matches found

NVD
NVD
added 2026/05/13 4:17 a.m.8 views

CVE-2026-8202

Using a densely populated chars mask and a large input string in the MongoDB aggregation operators $trim, $ltrim, and $rtrim, an authenticated user with aggregation permissions can pin CPU utilization at 100% for an extended period of time. This issue impacts MongoDB Server v7.0 versions prior to...

6.5CVSS0.00263EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/26 2:0 p.m.2 views

CVE-2025-6706 Running certain aggregation operations with the SBE engine may lead to unexpected behavior on MongoDB Server

An authenticated user may trigger a use after free that may result in MongoDB Server crash and other unexpected behavior, even if the user does not have authorization to shut down a server. The crash is triggered on affected versions by issuing an aggregation framework operation using a specific...

5CVSS7AI score0.00214EPSS
Exploits0References1
MongoDB
MongoDB
added 2025/06/26 1:59 p.m.28 views

Running certain aggregation operations with the SBE engine may lead to unexpected behavior on MongoDB Server

An authenticated user may trigger a use after free that may result in MongoDB Server crash and other unexpected behavior, even if the user does not have authorization to shut down a server. The crash is triggered on affected versions by issuing an aggregation framework operation using a specific...

8.8CVSS6.9AI score0.00214EPSS
Exploits0References1Affected Software1
FreeBSD
FreeBSD
added 2025/06/26 12:0 a.m.6 views

MongoDB -- Running certain aggregation operations with the SBE engine may lead to unexpected behavior

[email protected] reports: An authenticated user may trigger a use after free that may result in MongoDB Server crash and other unexpected behavior, even if the user does not have authorization to shut down a server. The crash is triggered on affected versions by issuing an aggregation framework...

8.8CVSS7.1AI score0.00214EPSS
Exploits0References1
Rows per page
Query Builder