Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

NVD
NVDadded 3 days ago6 views

CVE-2026-9740

A vulnerability in MongoDB Server's BSON validation logic allows an unauthenticated user to crash the mongod process by sending a specially crafted message. The BSON validator's handling of certain nested binary data structures permits uncontrolled mutual recursion between validation functions,...

8.7CVSS0.0003EPSS
Exploits0References1
OSV
OSVadded 2026/05/07 6:16 a.m.5 views

UBUNTU-CVE-2026-8063

An authenticated user can crash mongod when running $rankFusion or $scoreFusion with an empty pipeline on a view. When resolving a view, the server inspects the aggregation pipeline to determine whether it begins with an Atlas Search stage. For $rankFusion and $scoreFusion, this inspection reads...

7.1CVSS5.8AI score0.00074EPSS
Exploits0References3
EUVD
EUVDadded 2026/05/07 4:12 a.m.10 views

EUVD-2026-28326

An authenticated user can crash mongod when running $rankFusion or $scoreFusion with an empty pipeline on a view. When resolving a view, the server inspects the aggregation pipeline to determine whether it begins with an Atlas Search stage. For $rankFusion and $scoreFusion, this inspection reads...

7.1CVSS5.8AI score0.00074EPSS
Exploits0References1
UbuntuCve
UbuntuCveadded 2026/05/07 12:0 a.m.4 views

CVE-2026-8063

An authenticated user can crash mongod when running $rankFusion or $scoreFusion with an empty pipeline on a view. When resolving a view, the server inspects the aggregation pipeline to determine whether it begins with an Atlas Search stage. For $rankFusion and $scoreFusion, this inspection reads...

7.1CVSS5.8AI score0.00074EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/05/07 12:0 a.m.7 views

PT-2026-38343

Name of the Vulnerable Software and Affected Versions MongoDB Server versions prior to 8.2.7 Description An authenticated user can cause a denial of service by crashing the mongod process. This occurs when running $rankFusion or $scoreFusion with an empty pipeline on a view. During view resolutio...

7.1CVSS5.8AI score0.00074EPSS
Exploits0References8
OSV
OSVadded 2026/04/06 7:54 a.m.2 views

BIT-MONGODB-2026-5170 Users could trigger a crash of mongod primaries during promotion to sharded

A user with access to the cluster with a limited set of privilege actions can trigger a crash of a mongod process during the limited and unpredictable window when the cluster is being promoted from a replica set to a sharded cluster. This may cause a denial of service by taking down the primary o...

6CVSS5.9AI score0.00057EPSS
Exploits0References2
OSV
OSVadded 2026/03/30 4:16 p.m.0 views

UBUNTU-CVE-2026-5170

A user with access to the cluster with a limited set of privilege actions can trigger a crash of a mongod process during the limited and unpredictable window when the cluster is being promoted from a replica set to a sharded cluster. This may cause a denial of service by taking down the primary o...

6CVSS5.8AI score0.00057EPSS
Exploits0References3
Rows per page
Query Builder