MongoDB Server Vulnerability Affecting User Authenticated Queries
CVE-2026-9750

7.1HIGH

Key Information:

Vendor

Mongodb

Vendor
CVE Published:
9 June 2026

What is CVE-2026-9750?

An authenticated user can exploit a flaw in MongoDB servers that allows the creation of documents leading to server crashes or incorrect query results. This issue arises from insufficient segregation between user-defined document fields and the internal metadata used by the server, particularly during query processing. Proper attention to document management can help mitigate the potential impacts of this vulnerability.

Affected Version(s)

MongoDB Server 8.3.0 < 8.3.3

MongoDB Server 8.2.0 < 8.2.10

MongoDB Server 8.0.0 < 8.0.24

References

CVSS V4

Score:
7.1
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.