Where
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how mongodb compares to other vendors in security performance

View Risk Score →

Software

mongodb
48
mongodb mongodb
44
mongodb mongodb server
37
mongodb server
6
mongodb ops manager
5
mongodb bson
4
mongodb c driver
4
mongodb compass
4
mongodb mongodb c driver
4
mongodb c driver mongodb
3
mongodb rust driver
3
mongodb c# driver
2
mongodb js-bson
2
mongodb php driver
2
mongodb atlas kubernetes operator
1
mongodb atlas sql odbc driver
1
mongodb bi connector odbc driver
1
mongodb bson for node.js
1
mongodb bson ruby
1
mongodb bson::xs
1
mongodb connector for bi
1
mongodb database tools
1
mongodb enterprise kubernetes operator
1
mongodb go driver mongodb
1
mongodb java driver mongodb
1
mongodb libmongocrypt node.js
1
mongodb mongo-express
1
mongodb mongocryptd
1
mongodb mongodb and mongodb server
1
mongodb mongodb drivers (queryable encryption / client-side field level encryption)
1
mongodb mongodb server 7.0
1
mongodb mongodb server 8.0
1
mongodb mongodb server 8.2
1
mongodb mongomirror
1
mongodb node.js driver
1
mongodb ops manager server
1
mongodb php driver mongodb
1
mongodb pymongo
1
mongodb rust driver mongodb
1
mongodb swift driver
1
mongodb/mongodb
1

MongoDB MongoDB ServerUnbounded recursion in BSONColumn interleaved-reference causes pre-auth stack overflow

Risk 47
Severity
8.7
First published (updated )
CVE-2026-9740

MongoDB MongoDB ServerKeyfile contents are in MongoDB Server logs

Risk 37
Severity
6.8
First published (updated )
CVE-2026-9735

MongoDB MongoDB ServerStack memory disclosure in filemd5 command

Risk 40
Severity
7.1
First published (updated )
CVE-2026-9754

MongoDB MongoDB ServerServer crash via malformed binary diff passed to $_internalApplyOplogUpdate.

Risk 60
Severity
7.2
First published (updated )
CVE-2026-9753

MongoDB MongoDB ServerGeometryCollection with strict-winding polygon causes server crash during 2dsphere index key generation

Risk 40
Severity
7.1
First published (updated )
CVE-2026-9752
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

MongoDB MongoDB ServerSensitive data could be written to mongod.log

Risk 37
Severity
6.8
First published (updated )
CVE-2026-9751

MongoDB MongoDB ServerMetadata name collision on $-prefixed fields causes post-auth server crash

Risk 40
Severity
7.1
First published (updated )
CVE-2026-9750

MongoDB MongoDBUsing MaxKey() may crash the server

Risk 40
Severity
7.1
First published (updated )
CVE-2026-9749

MongoDB MongoDB Server$_internalConvertBucketIndexStats may crash the mongod server when working on no timeseries input

Risk 40
Severity
7.1
First published (updated )
CVE-2026-9748

MongoDB MongoDB ServerCrafted cross-shard merge aggregation crashes MongoDB Server

Risk 40
Severity
7.1
First published (updated )
CVE-2026-9747
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

MongoDB MongoDB ServerServer crashes in case of the use of exchange

Risk 40
Severity
7.1
First published (updated )
CVE-2026-9746

MongoDB MongoDB ServerAggregation sub-pipeline null dereference may allow DoS via crafted getMore

Risk 40
Severity
7.1
First published (updated )
CVE-2026-9743

MongoDB MongoDB Drivers (Queryable Encryption / Client-Side Field Level Encryption)Client side encryption fails to encrypt values in a $vectorSearch

Risk 40
Severity
7.1
First published (updated )
CVE-2026-9741

A week after Dutch FIOD seized 800+ servers, the hosting network's ASN (AS209847) is still scanning at its normal daily rate

First published (updated )
Social
reddit

MongoDB MongoDB C driverHeap memory out of bounds read and crash in C Driver legacy GridFS file reader

Risk 31
Severity
6
EPSS
0.07%
First published (updated )
CVE-2026-9100
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

MongoDB MongoDB ServerCalling createIndex with certain index types can crash mongod

Risk 29
Severity
7.1
EPSS
0.04%
First published (updated )
CVE-2026-8843

MongoDB MongoDBPost-authentication CPU utilization DoS via $trim/$ltrim/$rtrim operators

Risk 27
Severity
5.3
EPSS
0.05%
First published (updated )
CVE-2026-8202

MongoDB MongoDBPost-authentication use-after-free error in $_internalJsEmit and mapreduce commands

Risk 51
Severity
7.7
EPSS
0.08%
First published (updated )
CVE-2026-8336

MongoDB MongoDBUse-After-Free in MongoDB FLE Query Analysis When Processing Positional Projections on Encrypted Fields

Risk 56
Severity
6.1
EPSS
0.03%
First published (updated )
CVE-2026-8201

MongoDB MongoDBSchema validation log messages may not redact user data

Risk 19
Severity
4.8
EPSS
0.04%
First published (updated )
CVE-2026-8200
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

MongoDB MongoDBPost-auth memory exhaustion via bitwise match expressions

Risk 29
Severity
7.1
EPSS
0.05%
First published (updated )
CVE-2026-8199

MongoDB MongoDBFlatBSON Duplicate Field Index Drift

Risk 56
Severity
8.7
EPSS
0.07%
First published (updated )
CVE-2026-8053

MongoDB Ops ManagerOps Manager RCE via webhook body

Risk 55
Severity
9.4
EPSS
0.07%
First published (updated )
CVE-2026-8431

MongoDB MongoDB ServerPost-auth null pointer dereference when aggregating against a view with empty search pipeline

Risk 29
Severity
7.1
EPSS
0.04%
First published (updated )
CVE-2026-8063

MongoDB MongoDB C driverMongoDB C Driver Cyrus SASL Canonicalization Buffer Overflow

Risk 55
Severity
8.6
EPSS
0.02%
First published (updated )
CVE-2026-6691
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

MongoDB MongoDBFlaw in the updateUser Command May Allow Unauthorized Configuration Change

Risk 33
Severity
5.3
EPSS
0.05%
First published (updated )
CVE-2026-6915

MongoDB MongoDBMD5 checksum creation may cause availability loss

Risk 31
Severity
7.1
EPSS
0.04%
First published (updated )
CVE-2026-6914

MongoDB C Driver Mongodbbson_validate may skip validation when processing certain inputs

Risk 31
Severity
5.3
EPSS
0.05%
First published (updated )
CVE-2026-6231

MongoDB MongoDBUsers could trigger a crash of mongod primaries during promotion to sharded

Risk 25
Severity
6
EPSS
0.05%
First published (updated )
CVE-2026-5170

MongoDB C Driver MongodbHeap-buffer-over-read in _mongoc_http_send via strstr on non-null-terminated buffer

Risk 15
Severity
2
EPSS
0.03%
First published (updated )
CVE-2026-4359
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203