Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.8 views

MongoDB 8.0.x < 8.0.24 DoS

The version of MongoDB installed on the remote host is 8.0.x prior to 8.0.24. It is, therefore, affected by a denial of service vulnerability: - In Vulnerable MongoDB Server versions, an aggregation stage can leave its subPipeline field null during processing of certain pipelines. If a getMore is...

7.1CVSS5.3AI score0.00307EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.51 views

Linux Distros Unpatched Vulnerability : CVE-2026-9743

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In MongoDB Server 8.0, an aggregation stage can leave its subPipeline field null during processing of certain pipelines. If a getMore is subsequently issued on...

7.1CVSS5.4AI score0.00307EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 a.m.11 views

CVE-2026-9743

In MongoDB Server 8.0, an aggregation stage can leave its subPipeline field null during processing of certain pipelines. If a getMore is subsequently issued on the same cursor, the server may dereference this null sub-pipeline when reattaching to the operation context, accessing an invalid addres...

7.1CVSS5.5AI score0.00307EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/10 12:31 a.m.10 views

EUVD-2026-35861

In MongoDB Server 8.0, an aggregation stage can leave its subPipeline field null during processing of certain pipelines. If a getMore is subsequently issued on the same cursor, the server may dereference this null sub-pipeline when reattaching to the operation context, accessing an invalid addres...

7.1CVSS5.5AI score0.00307EPSS
Exploits0References2
OSV
OSV
added 2026/06/09 11:17 p.m.4 views

UBUNTU-CVE-2026-9743

In MongoDB Server 8.0, an aggregation stage can leave its subPipeline field null during processing of certain pipelines. If a getMore is subsequently issued on the same cursor, the server may dereference this null sub-pipeline when reattaching to the operation context, accessing an invalid addres...

7.1CVSS5.3AI score0.00307EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/09 9:59 p.m.8 views

CVE-2026-9743 Aggregation sub-pipeline null dereference may allow DoS via crafted getMore

In MongoDB Server 8.0, an aggregation stage can leave its subPipeline field null during processing of certain pipelines. If a getMore is subsequently issued on the same cursor, the server may dereference this null sub-pipeline when reattaching to the operation context, accessing an invalid addres...

7.1CVSS5.5AI score0.00307EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 9:59 p.m.25 views

CVE-2026-9743

MongoDB Server 8.0 is affected by a vulnerability where an aggregation stage can leave its _subPipeline field null during processing. If a getMore is issued on the same cursor, the server may dereference the null sub-pipeline when reattaching to the operation context, leading to an invalid addres...

7.1CVSS5.5AI score0.00307EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.13 views

PT-2026-48291

Name of the Vulnerable Software and Affected Versions MongoDB Server version 8.0 Description An aggregation stage can leave its subPipeline field null during the processing of specific pipelines. If a getMore command is subsequently issued on the same cursor, the server may dereference this null...

7.1CVSS5.2AI score0.00307EPSS
Exploits0References4
Rows per page
Query Builder