Server Connection Management Issue in MongoDB
CVE-2026-1848

8.2HIGH

Key Information:

Vendor: MongoDB
Status: Mongodb Server
Vendor: CVE Published:; 10 February 2026

What is CVE-2026-1848?

A vulnerability in MongoDB Server can lead to server instability due to improper management of connections originating from the proxy port. This flaw results in connections from the proxy not being counted towards the total accepted connections. Consequently, if the number of active connections from this source exceeds the server's available resources, it can lead to server crashes, affecting application uptime and reliability.

Affected Version(s)

MongoDB Server 8.2 < 8.2.4

MongoDB Server 8.0 < 8.0.18

MongoDB Server 7.0 < 7.0.29

References

https://jira.mongodb.org/browse/SERVER-114695

CVSS V4

Score:

8.2

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 10, 2026
Vulnerability Reserved
Feb 3, 2026

CVE-2026-1848 Data

JSON