13 matches found
CVE-2026-9740
A vulnerability in MongoDB Server's BSON validation logic allows an unauthenticated user to crash the mongod process by sending a specially crafted message. The BSON validator's handling of certain nested binary data structures permits uncontrolled mutual recursion between validation functions,...
CVE-2026-9740 Unbounded recursion in BSONColumn interleaved-reference causes pre-auth stack overflow
A vulnerability in MongoDB Server's BSON validation logic allows an unauthenticated user to crash the mongod process by sending a specially crafted message. The BSON validator's handling of certain nested binary data structures permits uncontrolled mutual recursion between validation functions,...
EUVD-2026-22023
The bsonvalidate function may return early on specific inputs and incorrectly report success. This behavior could result in skipping validation for BSON data, allowing malformed or invalid UTF-8 sequences to bypass validation and be processed incorrectly. The issue may affect applications that re...
CVE-2026-6231
The bsonvalidate function may return early on specific inputs and incorrectly report success. This behavior could result in skipping validation for BSON data, allowing malformed or invalid UTF-8 sequences to bypass validation and be processed incorrectly. The issue may affect applications that re...
UBUNTU-CVE-2026-6231
The bsonvalidate function may return early on specific inputs and incorrectly report success. This behavior could result in skipping validation for BSON data, allowing malformed or invalid UTF-8 sequences to bypass validation and be processed incorrectly. The issue may affect applications that re...
CVE-2026-6231 bson_validate may skip validation when processing certain inputs
The bsonvalidate function may return early on specific inputs and incorrectly report success. This behavior could result in skipping validation for BSON data, allowing malformed or invalid UTF-8 sequences to bypass validation and be processed incorrectly. The issue may affect applications that re...
CVE-2026-6231
The CVE-2026-6231 issue affects the MongoDB C Driver. The root cause is that the bson_validate function may return early on certain inputs and incorrectly report success, allowing malformed or invalid UTF-8 sequences to bypass validation and be processed incorrectly. Affected products/versions ex...
CVE-2026-6231
The bsonvalidate function may return early on specific inputs and incorrectly report success. This behavior could result in skipping validation for BSON data, allowing malformed or invalid UTF-8 sequences to bypass validation and be processed incorrectly. The issue may affect applications that re...
Linux Distros Unpatched Vulnerability : CVE-2026-6231
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The bsonvalidate function may return early on specific inputs and incorrectly report success. This behavior could result in skipping validation for BSON data,...
PT-2026-32394
Name of the Vulnerable Software and Affected Versions MongoDB C Driver versions prior to 1.30.5 MongoDB C Driver version 2.0.0 MongoDB C Driver version 2.0.1 Description The bson validate function may return early on specific inputs and incorrectly report success. This behavior could result in...
mongodb: DoS due to improper BSON validation
A flaw was found in the way MongoDB processed certain BSON-serialized UTF-8 strings. A remote, unauthenticated attacker could use this flaw to crash a mongod server via a specially crafted BSON message...
MGASA-2015-0130 Updated mongodb packages fix security vulnerabilities
Updated mongodb packages fix security vulnerability: It was found that the mongod server did not correctly validate certain malformed BSON requests. A remote, unauthenticated attacker could use a specially crafted BSON message to crash a mongod server CVE-2015-1609...
SUSE-SU-2015:0751-1 Security update for mongodb
The MongoDB database did validate BSON incorrectly, which could have lead to remote attackers being able to crash the database before authentication. CVE-2015-1609 Security Issues: CVE-2015-1609...