ROS-20251030-03

A vulnerability in the MongoDB database management system is related to misconfiguration of the lsid field. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

FreeBSD : mongodb -- MongoDB Server router will crash when incorrect lsid is set on a sharded query (4329e3bd-a2ca-11f0-8402-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 4329e3bd-a2ca-11f0-8402-b42e991fc52e advisory. [email protected] reports: An improper setting of the lsid field on any sharded query can cause a crash i...

EUVD-2025-27046

Malicious code in bioql PyPI...

BIT-MONGODB-2025-10059 MongoDB Server router will crash when incorrect lsid is set on a sharded query

An improper setting of the lsid field on any sharded query can cause a crash in MongoDB routers. This issue occurs when a generic argument lsid is provided in a case when it is not applicable. This affects MongoDB Server v6.0 versions prior to 6.0.x, MongoDB Server v7.0 versions prior to 7.0.18 a...

MongoDB 6.0.x < 6.0.24 / 7.0.x < 7.0.18 / 8.0.x < 8.0.6 (SERVER-100901)

The version of MongoDB installed on the remote host is 6.0 prior to 6.0.24, 7.0 prior to 7.0.18, and 8.0 prior to 8.0.6. It is, therefore, affected by a vulnerability as referenced in the SERVER-100901 advisory. - An improper setting of the lsid field on any sharded query can cause a crash in...

Linux Distros Unpatched Vulnerability : CVE-2025-10059

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An improper setting of the lsid field on any sharded query can cause a crash in MongoDB routers. This issue occurs when a generic argument lsid is provided in a...

CVE-2025-10059

An improper setting of the lsid field on any sharded query can cause a crash in MongoDB routers. This issue occurs when a generic argument lsid is provided in a case when it is not applicable. This affects MongoDB Server v6.0 versions prior to 6.0.x, MongoDB Server v7.0 versions prior to 7.0.18 a...

CVE-2025-10059

An improper setting of the lsid field on any sharded query can cause a crash in MongoDB routers. This issue occurs when a generic argument lsid is provided in a case when it is not applicable. This affects MongoDB Server v6.0 versions prior to 6.0.x, MongoDB Server v7.0 versions prior to 7.0.18 a...

CVE-2025-10059

An improper setting of the lsid field on any sharded query can cause a crash in MongoDB routers. This issue occurs when a generic argument lsid is provided in a case when it is not applicable. This affects MongoDB Server v6.0 versions prior to 6.0.x, MongoDB Server v7.0 versions prior to 7.0.18 a...

UBUNTU-CVE-2025-10059

An improper setting of the lsid field on any sharded query can cause a crash in MongoDB routers. This issue occurs when a generic argument lsid is provided in a case when it is not applicable. This affects MongoDB Server v6.0 versions prior to 6.0.x, MongoDB Server v7.0 versions prior to 7.0.18 a...

CVE-2025-10059

Summary: A vulnerability in MongoDB where an improper setting of the lsid field on a sharded query can crash MongoDB routers. Root cause: mis-handling of a generic argument (lsid) when not applicable. Affected versions: MongoDB Server 6.0.x before 6.0.24; 7.0.x before 7.0.18; 8.0.x before 8.0.6. ...

CVE-2025-10059 MongoDB Server router will crash when incorrect lsid is set on a sharded query

An improper setting of the lsid field on any sharded query can cause a crash in MongoDB routers. This issue occurs when a generic argument lsid is provided in a case when it is not applicable. This affects MongoDB Server v6.0 versions prior to 6.0.x, MongoDB Server v7.0 versions prior to 7.0.18 a...

mongodb -- MongoDB Server router will crash when incorrect lsid is set on a sharded query

[email protected] reports: An improper setting of the lsid field on any sharded query can cause a crash in MongoDB routers. This issue occurs when a generic argument lsid is provided in a case when it is not applicable...

MongoDB Server 安全漏洞

MongoDB Server is a set of open source NoSQL databases from the American company MongoDB. The database provides collection-oriented storage, dynamic querying, data replication and automatic failover. A security vulnerability exists in MongoDB Server versions prior to v6.0.x, prior to v7.0.18, and...

Bomgar Remote Support Unauthenticated Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Bomgar Remote Support Unauthenticated Code Execution', 'Description' = %q This module exploits a vulnerability in the Bomgar Remote...

Design/Logic Flaw

The GoogleAuthUtil.getToken method in the Google Play services SDK before 2015 sets parameters in OAuth token requests upon finding a corresponding opt parameter in the Bundle extras argument, which allows attackers to bypass an intended consent dialog and retrieve tokens for arbitrary OAuth scop...