CVE-2026-4358
A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-fre
A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-free or use-after-free memory issue in the slot-based execution (SBE) engine when an in-memory hash table is spilled to disk.
MEDIUM · CVSS 6.4
EPSS 0.00041
Schedule remediation
- Public exploit or PoC is available
Sigma rules0
YARA rules0