MongoDB GridFS Metadata Validation Vulnerability Allowing Buffer Overflow

Vulnerability

A vulnerability exists in MongoDB's handling of user-controlled chunkSize metadata within GridFS. The issue arises from inadequate validation of the metadata, which can lead to malformed GridFS metadata overflowing its designated container. This vulnerability affects several versions of the MongoDB C Driver.

Impact

Exploitation of this vulnerability can cause a buffer overflow, which may lead to arbitrary code execution or other unintended behavior by overwriting memory.

Added: Jan 27, 2026, 6:29 PM

Updated: Jan 27, 2026, 6:29 PM

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

7.5

exploitability

3.5

remediation

0.0

relevance

2.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

7.5

exploitability

3.5

remediation

0.0

relevance

2.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

MongoDB GridFS Metadata Validation Vulnerability Allowing Buffer Overflow

Vulnerability

Impact

Affected Products

MongoDB

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating