MongoDB
cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*
A vulnerability exists in the KMIP response parser of MongoDB binaries, where the parser is excessively lenient with certain malformed packets. This can lead to the creation of invalid objects, which, upon being read later, can cause read access violations. The issue is related to undefined behavior, potentially causing the program to crash or behave incorrectly.
Exploitation of this vulnerability can lead to read access violations, allowing unauthorized access to certain data or objects.
Users can upgrade to MongoDB versions 8.2.0-rc0, 8.0.10, or 7.0.22 to address this vulnerability.