BIT-MONGODB-2025-14345 Cross-Shard Failovers May Lead to Partial Transaction Commit in MongoDB Server

A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction...

SUSE CVE-2026-31445

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: avoid use of half-online-committed context One major usage of damoncall is online DAMON parameters update. It is done by calling damoncommitctx inside the damoncall callback function. damoncommitctx can fail for tw...

kernel: Linux kernel: Data corruption and system instability due to improper io_uring/net buffer handling

A flaw was found in the Linux kernel's iouring/net component. This vulnerability arises when ring provided buffers are partially committed during network operations, particularly when MSGWAITALL is enabled or with streaming sockets. A local attacker could exploit this by causing multiple socket...

CVE-2025-14345 Cross-Shard Failovers May Lead to Partial Transaction Commit in MongoDB Server

A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction...

CVE-2025-14345

CVE-2025-14345 describes a post-authentication flaw in MongoDB Server’s network two‑phase commit protocol used for cross‑shard transactions. The issue can cause the transaction coordination logic to misinterpret a transaction as committed, leading to inconsistent shard state and potential low int...