Lucene search
+L

33 matches found

osv
osv
added 2026/06/16 11:48 a.m.6 views

BIT-MONGODB-2026-9747 Crafted cross-shard merge aggregation crashes MongoDB Server

Adding fromRouter:true and runtimeConstants.userRoles could cause aggregations to crash mongodb server...

7.1CVSS5.2AI score0.0027EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/06/09 10:5 p.m.9 views

CVE-2026-9747 Crafted cross-shard merge aggregation crashes MongoDB Server

Adding fromRouter:true and runtimeConstants.userRoles could cause aggregations to crash mongodb server...

7.1CVSS5.4AI score0.0027EPSS
Exploits0References1
cve
cve
added 2026/06/09 10:5 p.m.89 views

CVE-2026-9747

The vulnerability CVE-2026-9747 affects MongoDB Server’s cross-shard merge aggregation. When building aggregations, using fromRouter:true with runtimeConstants.userRoles may cause the server to crash. The connected documentation confirms the issue but provides no details on mitigations; exploitat...

7.1CVSS5.5AI score0.0027EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2026/06/09 10:5 p.m.43 views

CVE-2026-9747 Crafted cross-shard merge aggregation crashes MongoDB Server

Adding fromRouter:true and runtimeConstants.userRoles could cause aggregations to crash mongodb server...

7.1CVSS0.0027EPSS
Exploits0References1
osv
osv
added 2026/06/09 10:5 p.m.3 views

CVE-2026-9747 Crafted cross-shard merge aggregation crashes MongoDB Server

Adding fromRouter:true and runtimeConstants.userRoles could cause aggregations to crash mongodb server...

7.1CVSS5.9AI score0.0027EPSS
Exploits0References3
mongodb
mongodb
added 2026/06/09 10:5 p.m.12 views

Crafted cross-shard merge aggregation crashes MongoDB Server

Adding fromRouter:true and runtimeConstants.userRoles could cause aggregations to crash mongodb server...

7.1CVSS5.4AI score0.0027EPSS
Exploits0References1Affected Software1
osv
osv
added 2026/05/13 8:9 a.m.6 views

BIT-MONGODB-2025-14345 Cross-Shard Failovers May Lead to Partial Transaction Commit in MongoDB Server

A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction...

5.4CVSS5.8AI score0.002EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/12/15 9:29 p.m.11 views

CVE-2025-14345

A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction...

5.4CVSS6.7AI score0.002EPSS
Exploits0References1
nessus
nessus
added 2025/12/11 12:0 a.m.5 views

FreeBSD : MongoDB Server -- Improper Locking (c11e0878-d6a8-11f0-8e1b-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c11e0878-d6a8-11f0-8e1b-b42e991fc52e advisory. https://jira.mongodb.org/browse/SERVER-106075 reports: A post-authenticationflaw in the network two-pha...

5.4CVSS5.5AI score0.002EPSS
Exploits0References3
euvd
euvd
added 2025/12/09 6:30 p.m.5 views

EUVD-2025-201945

A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction...

4.2CVSS6.2AI score0.002EPSS
Exploits0References2
nvd
nvd
added 2025/12/09 4:17 p.m.4 views

CVE-2025-14345

A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction...

5.4CVSS0.002EPSS
Exploits0References1
osv
osv
added 2025/12/09 4:17 p.m.5 views

UBUNTU-CVE-2025-14345

A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction...

5.4CVSS5.8AI score0.002EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2025/12/09 3:0 p.m.2 views

CVE-2025-14345 Cross-Shard Failovers May Lead to Partial Transaction Commit in MongoDB Server

A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction...

4.2CVSS6.3AI score0.002EPSS
Exploits0References1
cvelist
cvelist
added 2025/12/09 3:0 p.m.28 views

CVE-2025-14345 Cross-Shard Failovers May Lead to Partial Transaction Commit in MongoDB Server

A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction...

4.2CVSS0.002EPSS
Exploits0References1
cve
cve
added 2025/12/09 3:0 p.m.514 views

CVE-2025-14345

CVE-2025-14345 describes a post-authentication flaw in MongoDB Server’s network two‑phase commit protocol used for cross‑shard transactions. The issue can cause the transaction coordination logic to misinterpret a transaction as committed, leading to inconsistent shard state and potential low int...

5.4CVSS6.3AI score0.002EPSS
Exploits0References1Affected Software1
mongodb
mongodb
added 2025/12/09 3:0 p.m.9 views

Cross-Shard Failovers May Lead to Partial Transaction Commit in MongoDB Server

A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction...

5.4CVSS6.8AI score0.002EPSS
Exploits0References1Affected Software1
osv
osv
added 2025/12/09 3:0 p.m.4 views

CVE-2025-14345 Cross-Shard Failovers May Lead to Partial Transaction Commit in MongoDB Server

A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction...

2.3CVSS5.9AI score0.002EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2025/12/09 12:0 a.m.3 views

PT-2025-49980

Name of the Vulnerable Software and Affected Versions MongoDB Server versions prior to 8.0.16 MongoDB Server versions prior to 7.0.26 MongoDB Server versions prior to 8.2.2 Description A flaw exists in the network two-phase commit protocol used for cross-shard transactions. This issue can lead to...

5.4CVSS5.8AI score0.002EPSS
Exploits0References12
freebsd
freebsd
added 2025/12/09 12:0 a.m.8 views

MongoDB Server -- Improper Locking

https://jira.mongodb.org/browse/SERVER-106075 reports: A post-authenticationflaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short...

5.4CVSS6.9AI score0.002EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.19 views

EUVD-2022-7694

Malicious code in bioql PyPI...

7.2CVSS6.6AI score0.00724EPSS
Exploits0References5
Rows per page
Query Builder