MongoDB

MongoDB

116 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.24%
  • Veröffentlicht 10.02.2026 18:54:50
  • Zuletzt bearbeitet 25.02.2026 16:45:10

An authorized user may disable the MongoDB server by issuing a query against a collection that contains an invalid compound wildcard index.

  • EPSS 0.27%
  • Veröffentlicht 10.02.2026 18:52:52
  • Zuletzt bearbeitet 25.02.2026 17:17:56

MongoDB Server may experience an out-of-memory failure while evaluating expressions that produce deeply nested documents. The issue arises in recursive functions because the server does not periodically check the depth of the expression.

  • EPSS 0.24%
  • Veröffentlicht 10.02.2026 18:49:32
  • Zuletzt bearbeitet 25.02.2026 17:11:10

Complex queries can cause excessive memory usage in MongoDB Query Planner resulting in an Out-Of-Memory Crash.

  • EPSS 0.17%
  • Veröffentlicht 10.02.2026 18:39:11
  • Zuletzt bearbeitet 25.02.2026 16:54:40

Incorrect validation of the profile command may result in the determination that a request altering the 'filter' is read-only.

  • EPSS 0.24%
  • Veröffentlicht 10.02.2026 18:30:40
  • Zuletzt bearbeitet 25.02.2026 16:46:13

An authorized user may trigger a server crash by running a $geoNear pipeline with certain invalid index hints.

  • EPSS 0.26%
  • Veröffentlicht 10.02.2026 18:22:41
  • Zuletzt bearbeitet 25.02.2026 17:20:29

Connections received from the proxy port may not count towards total accepted connections, resulting in server crashes if the total number of connections exceeds available resources. This only applies to connections accepted from the proxy port, pend...

Medienbericht
  • EPSS 0.78%
  • Veröffentlicht 10.02.2026 18:16:37
  • Zuletzt bearbeitet 15.04.2026 00:35:42

A series of specifically crafted, unauthenticated messages can exhaust available memory and crash a MongoDB server.

  • EPSS 0.2%
  • Veröffentlicht 10.02.2026 18:16:37
  • Zuletzt bearbeitet 15.04.2026 00:35:42

The internal locking mechanism of the MongoDB server uses an internal encoding of the resources in order to choose what lock to take. Collections may inadvertently collide with one another in this representation causing unavailability between them du...

  • EPSS 0.24%
  • Veröffentlicht 10.02.2026 18:16:24
  • Zuletzt bearbeitet 25.02.2026 17:25:07

Inserting certain large documents into a replica set could lead to replica set secondaries not being able to fetch the oplog from the primary. This could stall replication inside the replica set leading to server crash.

Warnung Medienbericht Exploit
  • EPSS 83.01%
  • Veröffentlicht 19.12.2025 11:00:22
  • Zuletzt bearbeitet 13.01.2026 22:24:20

Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue affects all MongoDB Server v7.0 prior to 7.0.28 versions, MongoDB Server v8.0 versions prior to 8.0.17...