Replication Stall in MongoDB Due to Large Document Insertion
CVE-2026-1847

7.1HIGH

Key Information:

Vendor: MongoDB
Status: Mongodb Server
Vendor: CVE Published:; 10 February 2026

What is CVE-2026-1847?

Inserting oversized documents into MongoDB replica sets can hinder secondaries from retrieving the oplog from the primary. This behavior can lead to stalled replication processes, which may ultimately result in server crashes and compromised data integrity. Organizations using affected versions of MongoDB should take precautions to monitor document sizes and review their replica set configurations to mitigate potential disruptions.

Affected Version(s)

MongoDB Server 8.0 < 8.0.18

MongoDB Server 7.0 < 7.0.29

References

https://jira.mongodb.org/browse/SERVER-113532

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 10, 2026
Vulnerability Reserved
Feb 3, 2026

CVE-2026-1847 Data

JSON