Lucene search
+L

477 matches found

Cvelist
Cvelist
added 2025/11/25 5:16 a.m.16 views

CVE-2025-13643 MongoDB Server may allow queries to be terminated by unauthorized users

A user with access to the cluster with a limited set of privilege actions may be able to terminate queries that are being executed by other users. This may cause a denial of service by preventing a fraction of queries from successfully completing. This issue affects MongoDB Server v7.0 versions...

3.1CVSS0.00196EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/25 5:7 a.m.3 views

CVE-2025-12893 Improper Certificate Validation May Allow Successful TLS Handshaking Despite Invalid Extended Key Usage Fields in MongoDB Server

Clients may successfully perform a TLS handshake with a MongoDB server despite presenting a client certificate not aligning with the documented Extended Key Usage EKU requirements. A certificate that specifies extendedKeyUsage but is missing extendedKeyUsage = clientAuth may still be successfully...

4.2CVSS6AI score0.00084EPSS
Exploits0References1
CVE
CVE
added 2025/11/25 5:7 a.m.25 views

CVE-2025-12893

CVE-2025-12893 affects MongoDB Server: vulnerable EKU handling allows TLS handshakes when client/server certificates have EKU fields that don’t match documented clientAuth/serverAuth, on Windows/Apple (Linux validation is correct). Impact is limited to specific MongoDB server lines: v7.0 before 7...

5.4CVSS6AI score0.00084EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/11/25 4:52 a.m.26 views

CVE-2025-13507

The CVE-2025-13507 entry describes an issue in MongoDB Server: inconsistent object size validation in the time series processing path can cause oversized BSON documents to be processed later, triggering an assertion and process termination. Affected versions are MongoDB Server v7.0 before 7.0.26,...

7.1CVSS6.5AI score0.00255EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/11/25 4:52 a.m.7 views

CVE-2025-13507 Time-series operations may cause internal BSON size limit to be exceed

Inconsistent object size validation in time series processing logic may result in later processing of oversized BSON documents leading to an assert failing and process termination. This issue impacts MongoDB Server v7.0 versions prior to 7.0.26, v8.0 versions prior to 8.0.16 and MongoDB server v8...

7.1CVSS6.6AI score0.00255EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/11/25 12:0 a.m.7 views

MongoDB Server 安全漏洞

MongoDB Server is a set of open source NoSQL databases from the American company MongoDB. The database provides collection-oriented storage, dynamic querying, data replication and automatic failover. A security vulnerability exists in MongoDB Server versions v7.0 through 7.0.26 prior, v8.0 throug...

5.4CVSS6.2AI score0.00084EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/25 12:0 a.m.7 views

MongoDB Server 安全漏洞

MongoDB Server is a set of open source NoSQL databases from the American company MongoDB. The database provides collection-oriented storage, dynamic querying, data replication and automatic failover. A security vulnerability exists in MongoDB Server versions 7.0 through 7.0.26 prior, 8.0 through...

7.1CVSS6.2AI score0.00255EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/11/25 12:0 a.m.8 views

MongoDB Server 安全漏洞

MongoDB Server is a set of open source NoSQL databases from the American company MongoDB. The database provides collection-oriented storage, dynamic querying, data replication and automatic failover. A security vulnerability exists in MongoDB Server version v7.0 up to and including version 7.0.26...

7.5CVSS6.2AI score0.00257EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 4:29 a.m.4 views

Malicious code in mongodb-server-yakutsk-ignite (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57dcaba764b7d0683fc08db311198f703cf88073de862611d3f71439e3a4ded1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/12 4:29 a.m.4 views

EUVD-2025-124778

Malicious code in mongodb-server-yakutsk-ignite npm...

6.6AI score
Exploits0
CNNVD
CNNVD
added 2025/11/03 12:0 a.m.7 views

MongoDB Server 安全漏洞

MongoDB Server is a set of open source NoSQL databases from the American company MongoDB. The database provides collection-oriented storage, dynamic querying, data replication and automatic failover. A security vulnerability exists in MongoDB Server that stems from an over-tolerance of malformed...

5.9CVSS6.1AI score0.00357EPSS
Exploits0References3
OSV
OSV
added 2025/10/20 6:15 p.m.5 views

UBUNTU-CVE-2025-11979

An authorized user may crash the MongoDB server by causing buffer over-read. This can be done by issuing a DDL operation while queries are being issued, under some conditions. This issue affects MongoDB Server v7.0 versions prior to 7.0.25, MongoDB Server v8.0 versions prior to 8.0.15, and MongoD...

6.5CVSS7.2AI score0.00251EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/20 5:47 p.m.5 views

CVE-2025-11979 Use-after-free in the MongoDB server query planner may lead to crash or undefined behavior

An authorized user may crash the MongoDB server by causing buffer over-read. This can be done by issuing a DDL operation while queries are being issued, under some conditions. This issue affects MongoDB Server v7.0 versions prior to 7.0.25, MongoDB Server v8.0 versions prior to 8.0.15, and MongoD...

5.3CVSS6.6AI score0.00251EPSS
Exploits0References1
MongoDB
MongoDB
added 2025/10/20 5:47 p.m.9 views

Use-after-free in the MongoDB server query planner may lead to crash or undefined behavior

An authorized user may crash the MongoDB server by causing buffer over-read. This can be done by issuing a DDL operation while queries are being issued, under some conditions. This issue affects MongoDB Server v7.0 versions prior to 7.0.25, MongoDB Server v8.0 versions prior to 8.0.15, and MongoD...

6.5CVSS7.1AI score0.00251EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/10/20 12:0 a.m.5 views

MongoDB Server 安全漏洞

MongoDB Server is a set of open source NoSQL databases from the American company MongoDB. The database provides collection-oriented storage, dynamic querying, data replication and automatic failover. A security vulnerability exists in MongoDB Server versions 7.0 up to and including 7.0.25, 8.0 up...

6.5CVSS6.5AI score0.00251EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-28856

Malware in sbrugna...

6.5CVSS6.4AI score0.01391EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2018-13344

Malware in sbrugna...

6.5CVSS6.4AI score0.01462EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2020-28858

Malware in sbrugna...

6.5CVSS6.3AI score0.01412EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-28854

Malware in sbrugna...

6.5CVSS6.3AI score0.01275EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-28855

Malware in sbrugna...

7.5CVSS7.4AI score0.0166EPSS
Exploits0References3
Rows per page
Query Builder