threatengine.sh
Product: mongodb
119 known vulnerabilities across versions. Vulnerabilities are listed by affected version range; each CVE links to a full briefing and its intelligence graph.
CVE | Affected versions | CVSS | Summary
CVE-2026-8336 | >= 8.2.0 and < 8.2.9 | 7.5 HIGH | After invoking $_internalJsEmit, which is not intended to be directly accessible, or mapreduce command’s map function in a certa
CVE-2026-8202 | >= 7.0.0 and < 7.0.34 | 4.3 MEDIUM | Using a densely populated chars mask and a large input string in the MongoDB aggregation operators $trim, $ltrim, and $rtrim, an a
CVE-2026-8201 | >= 7.0.0 and < 7.0.34 | 6.4 MEDIUM | A use-after-free vulnerability exists in MongoDB's Field-Level Encryption (FLE) query analysis component, affecting client-side us
CVE-2026-8200 | >= 7.0.0 and < 7.0.34 | 2.7 LOW | When schema validation is enabled on a collection and an update or insert would violate the collection's schema, the local server
CVE-2026-8199 | >= 7.0.0 and < 7.0.34 | 6.5 MEDIUM | An authenticated user can cause excess memory usage via bitwise match expression AST processing of $bitsAllSet, $bitsAnySet, $bits
CVE-2026-8053 | >= 5.0.0 and < 5.0.33 | 8.8 HIGH | An issue in MongoDB Server's time-series collection implementation allows an authenticated user with database write privileges to
CVE-2026-8063 | >= 8.2.0 and < 8.2.7 | 6.5 MEDIUM | An authenticated user can crash mongod when running $rankFusion or $scoreFusion with an empty pipeline on a view. When resolving
CVE-2026-6915 | >= 7.0.0 and < 7.0.32 | 6.3 MEDIUM | An authorization flaw in the user management command could allow an authenticated user to make limited changes to authentication-r
CVE-2026-6914 | >= 7.0.0 and < 7.0.32 | 6.5 MEDIUM | Computing the MD5 checksum of a malformed BSON object under specific conditions may cause loss of availability in MongoDB server.
CVE-2026-6231 | < 1.30.5 | 4.3 MEDIUM | The bson_validate function may return early on specific inputs and incorrectly report success. This behavior could result in skipp
CVE-2026-5170 | >= 7.0.0 and < 7.0.31 | 5.3 MEDIUM | A user with access to the cluster with a limited set of privilege actions can trigger a crash of a mongod process during the limi
CVE-2026-4359 | < 1.30.8 | 2.0 LOW | A compromised third party cloud server or man-in-the-middle attacker could send a malformed HTTP response and cause a crash in app
CVE-2026-4358 | >= 7.0.0 and < 7.0.31 | 6.4 MEDIUM | A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-free or use-a
CVE-2026-4148 | >= 7.0.0 and < 7.0.31 | 8.8 HIGH | A use-after-free vulnerability can be triggered in sharded clusters by an authenticated user with the read role who issues a speci
CVE-2026-4147 | >= 7.0.0 and < 7.0.31 | 6.5 MEDIUM | An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of
CVE-2026-25613 | >= 7.0.0 and < 7.0.29 | 6.5 MEDIUM | An authorized user may disable the MongoDB server by issuing a query against a collection that contains an invalid compound wildca
CVE-2026-25610 | >= 7.0.0 and < 7.0.29 | 6.5 MEDIUM | An authorized user may trigger a server crash by running a $geoNear pipeline with certain invalid index hints.
CVE-2026-25609 | >= 7.0.0 and < 7.0.29 | 5.4 MEDIUM | Incorrect validation of the profile command may result in the determination that a request altering the 'filter' is read-only.
CVE-2026-1850 | >= 8.0.0 and < 8.0.18 | 6.5 MEDIUM | Complex queries can cause excessive memory usage in MongoDB Query Planner resulting in an Out-Of-Memory Crash.
CVE-2026-1849 | >= 7.0.0 and < 7.0.29 | 6.5 MEDIUM | MongoDB Server may experience an out-of-memory failure while evaluating expressions that produce deeply nested documents. The issu
CVE-2026-1848 | >= 7.0.0 and < 7.0.29 | 7.5 HIGH | Connections received from the proxy port may not count towards total accepted connections, resulting in server crashes if the tota
CVE-2026-1847 | >= 7.0.0 and < 7.0.29 | 6.5 MEDIUM | Inserting certain large documents into a replica set could lead to replica set secondaries not being able to fetch the oplog from
CVE-2025-14847 | >= 3.6.0 and < 4.4.30 | 7.5 HIGH | Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated c
CVE-2025-14345 | >= 7.0.0 and < 7.0.26 | 4.2 MEDIUM | A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead
CVE-2025-13644 | >= 7.0.0 and < 7.0.26 | 6.5 MEDIUM | MongoDB Server may experience an invariant failure during batched delete operations when handling documents. The issue arises when
CVE-2025-13643 | >= 7.0.0 and < 7.0.26 | 3.1 LOW | A user with access to the cluster with a limited set of privilege actions may be able to terminate queries that are being executed
CVE-2025-13507 | >= 7.0.0 and < 7.0.26 | 6.5 MEDIUM | Inconsistent object size validation in time series processing logic may result in later processing of oversized BSON documents lea
CVE-2025-12893 | >= 7.0.0 and < 7.0.26 | 4.2 MEDIUM | Clients may successfully perform a TLS handshake with a MongoDB server despite presenting a client certificate not aligning with t
CVE-2025-12119 | >= 1.9.0 and < 1.30.6 | 6.8 MEDIUM | A mongoc_bulk_operation_t may read invalid memory if large options are passed.
CVE-2025-12657 | >= 6.0.0 and < 7.0.22 | 5.0 MEDIUM | The KMIP response parser built into mongo binaries is overly tolerant of certain malformed packets, and may parse them into invali
CVE-2025-11979 | >= 7.0.0 and < 7.0.25 | 5.3 MEDIUM | An authorized user may crash the MongoDB server by causing buffer over-read. This can be done by issuing a DDL operation while que
CVE-2025-11695 | < 3.2.5 | 8.0 HIGH | When tlsInsecure=False appears in a connection string, certificate validation is disabled. This vulnerability affects MongoDB Rus
CVE-2025-10061 | >= 6.0.0 and < 6.0.25 | 6.5 MEDIUM | An authorized user can cause a crash in the MongoDB Server through a specially crafted $group query. This vulnerability is related
CVE-2025-10060 | >= 6.0.0 and < 6.0.25 | 6.5 MEDIUM | MongoDB Server may allow upsert operations retried within a transaction to violate unique index constraints, potentially causing a
CVE-2025-10059 | >= 6.0.0 and < 6.0.24 | 6.5 MEDIUM | An improper setting of the lsid field on any sharded query can cause a crash in MongoDB routers. This issue occurs when a generic
CVE-2025-7259 | all versions | 6.5 MEDIUM | An authorized user can issue queries with duplicate _id fields, which leads to unexpected behavior in MongoDB Server, which may res
CVE-2025-6714 | >= 6.0.0 and < 6.0.23 | 7.5 HIGH | MongoDB Server's mongos component can become unresponsive to new connections due to incorrect handling of incomplete data. This af
CVE-2025-6713 | >= 6.0.0 and < 6.0.22 | 7.7 HIGH | An unauthorized user may leverage a specially crafted aggregation pipeline to access data without proper authorization due to impr
CVE-2025-6712 | >= 8.0.0 and < 8.0.10 | 6.5 MEDIUM | MongoDB Server may be susceptible to disruption caused by high memory usage, potentially leading to server crash. This condition i
CVE-2025-6711 | >= 6.0.0 and < 6.0.21 | 4.4 MEDIUM | An issue has been identified in MongoDB Server where unredacted queries may inadvertently appear in server logs when certain error
CVE-2025-6710 | >= 6.0.0 and < 6.0.21 | 7.5 HIGH | MongoDB Server may be susceptible to stack overflow due to JSON parsing mechanism, where specifically crafted JSON inputs may indu
CVE-2025-6709 | >= 6.0.0 and < 6.0.21 | 7.5 HIGH | The MongoDB Server is susceptible to a denial of service vulnerability due to improper handling of specific date values in JSON in
CVE-2025-6707 | >= 5.0.0 and < 5.0.31 | 4.2 MEDIUM | Under certain conditions, an authenticated user request may execute with stale privileges following an intentional change by an au
CVE-2025-6706 | >= 6.0.0 and < 6.0.21 | 5.0 MEDIUM | An authenticated user may trigger a use after free that may result in MongoDB Server crash and other unexpected behavior, even if
CVE-2025-3085 | >= 5.0.0 and < 5.0.31 | 8.1 HIGH | A MongoDB server under specific conditions, running on Linux with TLS and CRL revocation status checking enabled, fails to check th
CVE-2025-3084 | >= 5.0.0 and < 5.0.31 | 6.5 MEDIUM | When run on commands with certain arguments set, explain may fail to validate these arguments before using them. This can lead to
CVE-2025-3083 | >= 5.0.0 and < 5.0.31 | 7.5 HIGH | Specifically crafted MongoDB wire protocol messages can cause mongos to crash during command validation. This can occur without us
CVE-2025-3082 | >= 5.0.0 and < 5.0.31 | 3.1 LOW | A user authorized to access a view may be able to alter the intended collation, allowing them to access a different or unintend
CVE-2025-0755 | >= 7.0.0 and < 7.0.16 | 8.4 HIGH | The various bson_append functions in the MongoDB C driver library may be susceptible to buffer overflow when performing operation
CVE-2025-1756 | < 2.3.0 | 7.5 HIGH | mongosh may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a u
CVE-2025-1755 | < 1.42.1 | 7.5 HIGH | MongoDB Compass may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized action
CVE-2025-1693 | < 2.3.9 | 3.9 LOW | The MongoDB Shell may be susceptible to control character injection where an attacker with control over the database cluster conte
CVE-2025-1692 | < 2.3.9 | 6.3 MEDIUM | The MongoDB Shell may be susceptible to control character injection where an attacker with control of the user’s clipboard could
CVE-2025-1691 | < 2.3.9 | 7.6 HIGH | The MongoDB Shell may be susceptible to control character injection where an attacker with control of the mongosh autocomplete fea
CVE-2024-10921 | >= 5.0.0 and < 5.0.30 | 6.8 MEDIUM | An authorized user may trigger crashes or receive the contents of buffer over-reads of Server memory by issuing specially crafted
CVE-2024-8305 | >= 6.0.0 and < 6.0.17 | 6.5 MEDIUM | prepareUnique index may cause secondaries to crash due to incorrect enforcement of index constraints on secondaries, where in extr
CVE-2024-8654 | >= 6.0.0 and <= 6.0.3 | 5.0 MEDIUM | MongoDB Server may access a non-initialized region of memory leading to unexpected behaviour when zero arguments are called in inter
CVE-2024-8207 | >= 5.0.0 and < 5.0.14 | 6.4 MEDIUM | In certain highly specific configurations of the host system and MongoDB server binary installation on Linux Operating Systems, it
CVE-2024-6384 | >= 6.0.0 and < 6.0.16 | 5.3 MEDIUM | "Hot" backup files may be downloaded by underprivileged users, if they are capable of acquiring a unique backup identifier. This i
CVE-2024-7553 | >= 5.0.0 and < 5.0.27 | 7.3 HIGH | Incorrect validation of files loaded from a local untrusted directory may allow local privilege escalation if the underlying opera
CVE-2024-6382 | >= 2.0.0 and < 2.8.2 | 6.4 MEDIUM | Incorrect handling of certain string inputs may result in MongoDB Rust driver constructing unintended server commands. This may ca
CVE-2024-6381 | < 1.26.2 | 4.0 MEDIUM | The bson_strfreev function in the MongoDB C driver library may be susceptible to an integer overflow where the function will try t
CVE-2024-6376 | < 1.42.2 | 7.0 HIGH | MongoDB Compass may be susceptible to code injection due to insufficient sandbox protection settings with the usage of ejson shell
CVE-2024-6375 | >= 5.0.0 and < 5.0.22 | 5.4 MEDIUM | A command for refining a collection shard key is missing an authorization check. This may cause the command to run directly on a s
CVE-2024-3374 | >= 5.0.0 and <= 5.0.16 | 5.3 MEDIUM | An unauthenticated user can trigger a fatal assertion in the server while generating ftdc diagnostic metrics due to attempting to
CVE-2024-3372 | >= 5.0.0 and < 5.0.25 | 7.5 HIGH | Improper validation of certain metadata input may result in the server not correctly serialising BSON. This can be performed pre-a
CVE-2024-3371 | >= 1.35.0 and < 1.42.1 | 7.1 HIGH | MongoDB Compass may accept and use insufficiently validated input from an untrusted external source. This may cause unintended app
CVE-2024-1351 | >= 4.4.0 and < 4.4.29 | 8.8 HIGH | Under certain configurations of --tlsCAFile and tls.CAFile, MongoDB Server may skip peer certificate validation which may result i
CVE-2023-0437 | < 1.25.0 | 5.3 MEDIUM | When calling bson_utf8_validate on some inputs, a loop with an exit condition that cannot be reached may occur, i.e. an infinite l
CVE-2021-32050 | >= 1.0.0 and < 1.17.7 | 4.2 MEDIUM | Some MongoDB Drivers may erroneously publish events containing authentication-related data to a command listener configured by an
CVE-2023-1409 | >= 4.4.0 and < 4.4.23 | 5.3 MEDIUM | If the MongoDB Server running on Windows or macOS is configured to use TLS with a specific set of configuration options that are a
CVE-2022-24272 | >= 5.0.0 and <= 5.0.6 | 6.5 MEDIUM | An authenticated user may trigger an invariant assertion during command dispatch due to incorrect validation on the $external data
CVE-2021-32040 | >= 4.2.0 and < 4.2.16 | 6.5 MEDIUM | It may be possible to have an extremely long aggregation pipeline in conjunction with a specific stage/operator and cause a stack
CVE-2021-32036 | >= 2.0.0 and < 4.2.18 | 5.4 MEDIUM | An authenticated user without any specific authorizations may be able to repeatedly invoke the features command where at a high vo
CVE-2021-32039 | <= 0.7.0 | 5.5 MEDIUM | Users with appropriate file access may be able to access unencrypted user credentials saved by MongoDB Extension for VS Code in a
CVE-2021-20330 | >= 4.0.0 and < 4.0.25 | 6.5 MEDIUM | An attacker with basic CRUD permissions on a replicated collection can run the applyOps command with specially malformed oplog ent
CVE-2021-32037 | >= 5.0.0 and <= 5.0.2 | 6.5 MEDIUM | An authorized user may trigger an invariant which may result in denial of service or server exit if a relevant aggregation request
CVE-2021-20332 | >= 1.0.0 and <= 1.2.1 | 4.2 MEDIUM | Specific MongoDB Rust Driver versions can include credentials used by the connection pool to authenticate connections in the monit
CVE-2021-20333 | >= 3.6.0 and < 3.6.20 | 5.3 MEDIUM | Sending specially crafted commands to a MongoDB Server may result in artificial log entries being generated or for log entries to
CVE-2021-20326 | >= 4.4.0 and < 4.4.4 | 6.5 MEDIUM | A user authorized to perform a specific type of find query may trigger a denial of service. This issue affects MongoDB Server v
CVE-2021-20334 | >= 1.3.0 and < 1.25.0 | 4.8 MEDIUM | A malicious 3rd party with local access to the Windows machine where MongoDB Compass is installed can execute arbitrary software w
CVE-2018-25004 | >= 3.6.0 and < 3.6.11 | 4.9 MEDIUM | A user authorized to perform a specific type of query may trigger a denial of service by issuing a generic explain command on a
CVE-2020-7929 | >= 3.6.0 and < 3.6.21 | 6.5 MEDIUM | A user authorized to perform database queries may trigger denial of service by issuing a specially crafted query containing a type of r
CVE-2021-20335 | >= 4.2.0 and <= 4.2.24 | 6.7 MEDIUM | For MongoDB Ops Manager versions prior to and including 4.2.24 with multiple OM application servers, that have SSL turned on for t
CVE-2019-20925 | >= 3.4.0 and < 3.4.24 | 7.5 HIGH | An unauthenticated client can trigger denial of service by issuing specially crafted wire protocol messages, which cause the messa
CVE-2020-7927 | >= 4.2.0 and <= 4.2.17 | 8.1 HIGH | Specially crafted API calls may allow an authenticated user who holds Organization Owner privilege to obtain an API key with Globa
CVE-2018-20803 | >= 3.4.0 and < 3.4.19 | 6.5 MEDIUM | A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which loop indef
CVE-2020-7928 | >= 3.6.0 and < 3.6.20 | 6.5 MEDIUM | A user authorized to perform database queries may trigger a read overrun and access arbitrary memory by issuing specially crafted
CVE-2019-2393 | >= 3.6.0 and < 3.6.15 | 6.5 MEDIUM | A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use $looku
CVE-2019-2392 | >= 3.6.0 and < 3.6.20 | 6.5 MEDIUM | A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use the $m
CVE-2019-20924 | >= 4.2.0 and < 4.2.2 | 6.5 MEDIUM | A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries which trigger an
CVE-2019-20923 | >= 4.0.0 and < 4.0.7 | 6.5 MEDIUM | A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which throw unha
CVE-2018-20805 | >= 3.6.0 and < 3.6.10 | 6.5 MEDIUM | A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which perform an
CVE-2018-20804 | >= 3.6.0 and < 3.6.13 | 6.5 MEDIUM | A user authorized to perform database queries may trigger denial of service by issuing specially crafted applyOps invocations. Thi
CVE-2018-20802 | >= 3.6.0 and < 3.6.9 | 6.5 MEDIUM | A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries with compound ind
CVE-2020-7926 | >= 4.4.0 and < 4.4.1 | 6.5 MEDIUM | A user authorized to perform database queries may cause denial of service by issuing a specially crafted query which violates an i
CVE-2020-7925 | >= 4.2.0 and < 4.2.9 | 7.5 HIGH | Incorrect validation of user input in the role name parser may lead to use of uninitialized memory allowing an unauthenticated att
CVE-2020-7923 | >= 4.0 and < 4.0.19 | 6.5 MEDIUM | A user authorized to perform database queries may cause denial of service by issuing specially crafted queries, which violate an i
CVE-2019-2388 | all versions | 5.8 MEDIUM | In affected Ops Manager versions there is an exposed HTTP route that may allow attackers to view a specific access log of a pu
CVE-2020-7921 | >= 3.6.0 and < 3.6.18 | 4.6 MEDIUM | Improper serialization of internal state in MongoDB Server's authorization subsystem permits a user
CVE-2020-12135 | < 0.8 | 5.5 MEDIUM | bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson
CVE-2019-2390 | >= 3.4.0 and < 3.4.22 | 8.2 HIGH | An unprivileged user or program on Microsoft Windows which can create OpenSSL configuration files in a fixed location may cause ut
CVE-2019-2389 | >= 3.4.0 and < 3.4.22 | 5.3 MEDIUM | Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allows users with write access to the PID file
CVE-2019-2386 | >= 3.4.0 and < 3.4.22 | 7.1 HIGH | After user deletion in MongoDB Server, the improper invalidation of authorization sessions allows an authenticated user's session t
CVE-2015-7882 | >= 3.0.0 and <= 3.0.6 | 8.1 HIGH | Improper handling of LDAP authentication in MongoDB Server versions 3.0.0 to 3.0.6 allows an unauthenticated client to gain unauth
CVE-2018-16790 | all versions | 8.1 HIGH | _bson_iter_next_internal in bson-iter.c in libbson 1.12.0, as used in MongoDB mongo-c-driver and other products, has a heap-based
CVE-2017-2665 | all versions | 4.8 MEDIUM | The skyring-setup command creates a random password for the mongodb skyring database but writes the password in plain text to /etc/skyrin
CVE-2017-15535 | >= 3.4.0 and < 3.4.10 | 9.1 CRITICAL | MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors (ak
CVE-2017-14227 | all versions | 7.5 HIGH | In MongoDB libbson 1.7.0, the bson_iter_codewscope function in bson-iter.c miscalculates a bson_utf8_validate length argument, whi
CVE-2014-8180 | all versions | 5.5 MEDIUM | MongoDB on Red Hat Satellite 6 allows local users to bypass authentication by logging in with an empty password and delete informa
CVE-2016-3104 | all versions | 7.5 HIGH | mongod in MongoDB 2.6, when using 2.4-style users, and 2.4 allow remote attackers to cause a denial of service (memory consumption
CVE-2016-6494 | < 3.0.15 | 5.5 MEDIUM | The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive
CVE-2015-1609 | <= 2.4.12 | n/a | MongoDB before 2.4.13 and 2.6.x before 2.6.8 allows remote attackers to cause a denial of service via a crafted UTF-8 string in a
CVE-2014-3971 | all versions | n/a | The CmdAuthenticate::_authenticateX509 function in db/commands/authentication_commands.cpp in mongod in MongoDB 2.6.x before 2.6.2
CVE-2012-6619 | <= 2.3.1 | n/a | The default configuration for MongoDB before 2.3.2 does not validate objects, which allows remote authenticated users to cause a d
CVE-2013-3969 | all versions | n/a | The find prototype in scripting/engine_v8.h in MongoDB 2.4.0 through 2.4.4 allows remote authenticated users to cause a denial of
CVE-2013-1892 | <= 2.0.8 | n/a | MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, whic
CVE-2013-2132 | <= 2.5.1 | n/a | bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers
CVE-2013-4650 | all versions | n/a | MongoDB 2.4.x before 2.4.5 and 2.5.x before 2.5.1 allows remote authenticated users to obtain internal system privileges by levera
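The check a practitioner usually wants from a listing like this is "which of these ranges contain the build I am actually running". The script below is an added example written for this page; it is not code from threatengine.sh or from MongoDB. It parses the range grammar the table uses (">= A and < B", ">= A and <= B", "<= B", "< B", "all versions"), pads the short form "4.0" to "4.0.0" so it compares the way the table intends, and orders a "-rcN" build just below its final release so a release candidate is still caught by a "< X" upper bound. The eight entries embedded in it are copied from the table above as a constructed sample; the function names are the editor's own, and the banner parser assumes the "db version vX.Y.Z" first line that `mongod --version` prints.

```python
"""Match a MongoDB build against the affected-version ranges listed on this page.

Added example by the editor, not code from threatengine.sh or MongoDB. The
range grammar is the one the table uses; the entries below are copied from
the table as a sample, everything else (names, banner format) is assumed.
"""
import re
from typing import NamedTuple, Optional


class Entry(NamedTuple):
    cve: str
    affected: str          # range expression exactly as the listing prints it
    cvss: Optional[float]  # None for the unscored early entries


# Constructed sample: eight rows taken from the table above.
SAMPLE_ENTRIES = [
    Entry("CVE-2026-8336", ">= 8.2.0 and < 8.2.9", 7.5),
    Entry("CVE-2026-8202", ">= 7.0.0 and < 7.0.34", 4.3),
    Entry("CVE-2026-5170", ">= 7.0.0 and < 7.0.31", 5.3),
    Entry("CVE-2026-25613", ">= 7.0.0 and < 7.0.29", 6.5),
    Entry("CVE-2024-8654", ">= 6.0.0 and <= 6.0.3", 5.0),
    Entry("CVE-2020-7923", ">= 4.0 and < 4.0.19", 6.5),
    Entry("CVE-2025-7259", "all versions", 6.5),
    Entry("CVE-2015-1609", "<= 2.4.12", None),
]

# One comparison clause of a range expression, e.g. ">= 7.0.0" or "< 7.0.31".
_CLAUSE = re.compile(r"(>=|<=|>|<)\s*(\d+(?:\.\d+){0,2})")
# A version with up to three numeric components and an optional "-rc0" style suffix.
_VERSION = re.compile(r"v?(\d+(?:\.\d+){0,2})(-\S+)?$")


def parse_version(text: str) -> tuple:
    """'7.0.30' -> (7, 0, 30, 1). Missing components pad with zeros so the
    table's '4.0' equals '4.0.0'. A '-rc0'/'-alpha' suffix sets the last
    component to 0, ordering a pre-release just below its final build, so
    '7.0.31-rc0' still satisfies '< 7.0.31'."""
    m = _VERSION.match(text.strip())
    if not m:
        raise ValueError(f"not a MongoDB version: {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    parts += [0] * (3 - len(parts))
    return tuple(parts) + ((0,) if m.group(2) else (1,))


def version_from_banner(banner: str) -> str:
    """Pull the version out of `mongod --version` / `mongos --version`
    output, whose first line reads 'db version v7.0.30' (assumed format)."""
    m = re.search(r"db version v(\S+)", banner)
    if not m:
        raise ValueError("no 'db version' line in banner")
    return m.group(1)


_OPS = {
    ">=": lambda a, b: a >= b,
    "<=": lambda a, b: a <= b,
    ">": lambda a, b: a > b,
    "<": lambda a, b: a < b,
}


def is_affected(version: str, expr: str) -> bool:
    """True if `version` falls inside the listing's range expression."""
    if expr.strip().lower() == "all versions":
        return True
    clauses = _CLAUSE.findall(expr)
    if not clauses:
        raise ValueError(f"unrecognised range expression: {expr!r}")
    v = parse_version(version)
    return all(_OPS[op](v, parse_version(bound)) for op, bound in clauses)


def matching_cves(version: str, entries=SAMPLE_ENTRIES, min_cvss: float = 0.0):
    """CVE ids whose listed range contains `version`, highest CVSS first.
    Unscored entries count as 0.0, so they survive only when min_cvss is 0."""
    hits = [e for e in entries
            if is_affected(version, e.affected) and (e.cvss or 0.0) >= min_cvss]
    hits.sort(key=lambda e: e.cvss or 0.0, reverse=True)
    return [e.cve for e in hits]


if __name__ == "__main__":
    import subprocess
    banner = subprocess.run(["mongod", "--version"], capture_output=True,
                            text=True, check=True).stdout
    running = version_from_banner(banner)
    print(running, "matches:", matching_cves(running) or "none in this sample")
```

Treat an empty result as "not matched by the ranges on this page", not as a clean bill: the listing prints one range per CVE, and a build outside that range may still be covered by an advisory this view does not show. The driver and tooling entries (libbson and the C driver, the Rust driver, mongosh, Compass, the VS Code extension) carry their own version lines, so compare those against the component's version, never against the server's.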
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin