Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:7 p.m.6 views

CVE-2026-4358

A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-free or use-after-free memory issue in the slot-based execution SBE engine when an in-memory hash table is spilled to disk...

6.4CVSS6AI score0.00342EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/03/20 12:0 a.m.5 views

MongoDB 7.0.x < 7.0.31 / 8.0.x < 8.0.20 / 8.2.x < 8.2.6 / 8.3.0-rc0 Double Free (SERVER-118849)

The version of MongoDB installed on the remote host is 7.0 prior to 7.0.31, 8.0 prior to 8.0.20, 8.2 prior to 8.2.6, and 8.3.0-rc0. It is, therefore, affected by a vulnerability as referenced in the SERVER-118849 advisory. - A specially crafted aggregation query with $lookup by an authenticated...

7.5CVSS6AI score0.00342EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/03/19 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-4358

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-free or use-after-free memory issue in the...

7.5CVSS6.1AI score0.00342EPSS
Exploits1References2
OSV
OSV
added 2026/03/17 8:16 p.m.5 views

UBUNTU-CVE-2026-4358

A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-free or use-after-free memory issue in the slot-based execution SBE engine when an in-memory hash table is spilled to disk...

7.5CVSS6AI score0.00342EPSS
Exploits1References3
Rows per page
Query Builder