Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

MongoDB, Inc. — Vulnerabilities & Security Advisories 10

Browse all 10 CVE security advisories affecting MongoDB, Inc.. AI-powered Chinese analysis, POCs, and references for each vulnerability.

This page aggregates known software vulnerabilities for MongoDB, Inc., a leading provider of high-performance NoSQL database solutions, focusing primarily on common weakness enumerations associated with its database engine and associated tools. The collection encompasses a wide spectrum of security flaws, including injection vulnerabilities, authentication bypasses, remote code execution risks, and information disclosure issues, spanning from the early days of the company’s open-source offerings through its most recent enterprise releases. This timeframe ensures that historical context is preserved alongside contemporary threats, providing a comprehensive view of how security postures have evolved. Visitors can use this resource to systematically track vendor advisories and security bulletins released by MongoDB, Inc., allowing for timely patching and risk mitigation. Additionally, the page facilitates a deeper understanding of specific weakness classes, such as improper input validation or configuration errors, by mapping them to real-world incidents within the MongoDB ecosystem. Users can also look up a specific product’s vulnerability history to assess long-term stability and the frequency of critical updates. By consolidating this data into a single accessible interface, the page serves as a vital reference for security analysts, database administrators, and developers seeking to evaluate the security landscape surrounding MongoDB. This approach supports informed decision-making regarding software selection, upgrade schedules, and compliance auditing without relying on fragmented or incomplete sources. The structured presentation aims to simplify the complex process of vulnerability management for one of the most widely deployed database platforms in modern cloud-native architectures.

Top products by MongoDB, Inc.: MongoDB Server Ops Manager Compass C Driver
CVE IDTitleCVSSSeverityPublished
CVE-2026-9101 Prototype pollution in csv parsing — CompassCWE-1321 4.3 Medium2026-05-20
CVE-2026-9100 Heap memory out of bounds read and crash in C Driver legacy GridFS file reader — C DriverCWE-1285 5.9 Medium2026-05-20
CVE-2026-8843 Calling createIndex with certain index types can crash mongod — MongoDB ServerCWE-617 6.5 Medium2026-05-18
CVE-2026-8202 Post-authentication CPU utilization DoS via $trim/$ltrim/$rtrim operators — MongoDB ServerCWE-770 4.3 Medium2026-05-13
CVE-2026-8336 Post-authentication use-after-free error in $_internalJsEmit and mapreduce commands — MongoDB ServerCWE-416 7.5 High2026-05-13
CVE-2026-8201 Use-After-Free in MongoDB FLE Query Analysis When Processing Positional Projections on Encrypted Fields — MongoDB ServerCWE-416 6.4 Medium2026-05-13
CVE-2026-8200 Schema validation log messages may not redact user data — MongoDB ServerCWE-532 2.7 Low2026-05-13
CVE-2026-8199 Post-auth memory exhaustion via bitwise match expressions — MongoDB ServerCWE-1325 6.5 Medium2026-05-13
CVE-2026-8053 FlatBSON Duplicate Field Index Drift — MongoDB ServerCWE-787 8.8 High2026-05-12
CVE-2026-8431 Ops Manager RCE via webhook body — Ops ManagerCWE-77 7.2 High2026-05-12

This page lists every published CVE security advisory associated with MongoDB, Inc.. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.