Memory Management Flaw in MongoDB Server Affects Performance and Stability
CVE-2025-6712

6.5MEDIUM

Key Information:

Vendor: MongoDB
Status: Mongodb Server
Vendor: CVE Published:; 7 July 2025

What is CVE-2025-6712?

The MongoDB Server is impacted by a memory management issue that can lead to increased memory consumption, potentially causing server instability and crashes. This vulnerability arises when certain internal operations continue longer than expected, resulting in excessive memory usage. The versions affected include all MongoDB Server v8.0 releases prior to 8.0.10, which may compromise the availability and reliability of the server.

Affected Version(s)

MongoDB Server 8.0 < 8.0.10

References

https://jira.mongodb.org/browse/SERVER-106751

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 7, 2025
Vulnerability Reserved
Jun 26, 2025