MongoDB Server Stack Overflow Vulnerability Leading to Denial-of-Service

Vulnerability

A stack overflow vulnerability has been identified in MongoDB Server's JSON parsing mechanism. Specially crafted JSON input drives the parser into excessive recursion, consuming stack space until the server process crashes. On MongoDB Server 7.0 prior to 7.0.17 and 8.0 prior to 8.0.5 the issue can be triggered before authentication; on 6.0 prior to 6.0.21 the same flaw exists but requires an authenticated connection to exploit.
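To make the failure mode concrete, the following is an added illustration of the vulnerability class described above; it is not MongoDB's parser and makes no claim about the server's internals. A minimal recursive-descent walker tracks only JSON nesting (objects and arrays), first with recursion bounded solely by the input, then with an explicit depth cap that rejects the document before recursing. The payload is constructed, and its depth is chosen to exceed Python's default recursion limit so the unbounded walker fails (Python raises RecursionError where a native parser would exhaust its stack and crash).

```python
"""Recursion-exhaustion illustration (added example, not MongoDB code).

Only nesting structure is tracked; strings are skipped, scalars are not
validated, and keys are treated like any other value, since depth is the
only property that matters for this failure mode.
"""

# Constructed input: thousands of nested arrays, far deeper than any
# legitimate document. Chosen to exceed Python's default recursion limit.
CONSTRUCTED_DEPTH = 5000
NESTED_PAYLOAD = "[" * CONSTRUCTED_DEPTH + "]" * CONSTRUCTED_DEPTH


class NestingTooDeep(ValueError):
    """Raised by the hardened walker when the depth cap would be exceeded."""


def _skip_string(text, i):
    """i points at an opening quote; return the index just past the closing quote."""
    i += 1
    while i < len(text):
        if text[i] == "\\":
            i += 2  # skip the escaped character
            continue
        if text[i] == '"':
            return i + 1
        i += 1
    raise ValueError("unterminated string")


def _walk(text, i, depth, max_depth):
    """Return (deepest_nesting_seen, next_index) for the value at text[i].

    One stack frame is used per nested container, so stack consumption is
    proportional to input nesting. With max_depth=None there is no cap
    (the vulnerable pattern); otherwise the cap is enforced before recursing.
    """
    while i < len(text) and text[i] in " \t\r\n":
        i += 1
    if i >= len(text):
        raise ValueError("unexpected end of input")
    c = text[i]
    if c in "[{":
        if max_depth is not None and depth + 1 > max_depth:
            raise NestingTooDeep(f"nesting exceeds {max_depth}")
        close = "]" if c == "[" else "}"
        i += 1
        deepest = depth + 1
        while True:
            # separators and whitespace carry no structure here
            while i < len(text) and text[i] in " \t\r\n,:":
                i += 1
            if i >= len(text):
                raise ValueError("unterminated container")
            if text[i] == close:
                return deepest, i + 1
            d, i = _walk(text, i, depth + 1, max_depth)
            deepest = max(deepest, d)
    if c == '"':
        return depth, _skip_string(text, i)
    # scalar (number, true/false/null): consume up to the next delimiter
    j = i
    while j < len(text) and text[j] not in " \t\r\n,:]}":
        j += 1
    if j == i:
        raise ValueError(f"unexpected character {c!r} at offset {i}")
    return depth, j


def nesting_depth_unbounded(text):
    """Vulnerable pattern: recursion depth is controlled by the attacker's input."""
    return _walk(text, 0, 0, None)[0]


def nesting_depth_capped(text, max_depth=200):
    """Hardened pattern: fail closed with a controlled error past max_depth."""
    return _walk(text, 0, 0, max_depth)[0]


def demo():
    """Run both walkers on the constructed payload and report what each did."""
    try:
        nesting_depth_unbounded(NESTED_PAYLOAD)
        unbounded = "parsed"
    except RecursionError:
        unbounded = "RecursionError"  # native analogue: stack exhaustion, crash
    try:
        nesting_depth_capped(NESTED_PAYLOAD)
        capped = "parsed"
    except NestingTooDeep:
        capped = "rejected"
    return unbounded, capped


if __name__ == "__main__":
    print(demo())
```

The hardened walker differs in one line: the depth check runs before the recursive call, so the worst an attacker can force is a bounded number of frames followed by an ordinary error, which the caller can turn into a rejected request rather than a dead process. The cap of 200 is an illustrative value, not a figure from the advisory.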

Impact

Exploitation of this vulnerability causes a denial-of-service condition by crashing the MongoDB server.

Remediation

Users should upgrade to MongoDB Server 8.0.5, 7.0.17, or 6.0.21 (or a later release in the same series) to address this vulnerability.
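As an added helper, not MongoDB tooling, the following classifies a reported server version against the fixed releases named in this advisory and records whether the advisory says authentication is needed on that branch. It assumes the version string is what db.version() or mongod --version reports (for example "7.0.12" or "8.0.5-rc0"); a pre-release tag on the fix version itself is treated conservatively as still vulnerable, which is an assumption of this example rather than a statement from the advisory.

```python
"""Classify a MongoDB Server version against this advisory (added example)."""
import re

# (major, minor) release series -> first patch release carrying the fix,
# exactly as listed in the Remediation section.
FIXED_PATCH = {(8, 0): 5, (7, 0): 17, (6, 0): 21}

# Per the advisory, only the 6.0 series requires authentication to trigger.
AUTH_REQUIRED = {(6, 0)}

_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.]+)?")


def parse_version(version):
    """Return (major, minor, patch, is_prerelease) or raise ValueError."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    major, minor, patch = (int(x) for x in m.group(1, 2, 3))
    return major, minor, patch, m.group(4) is not None


def assess(version):
    """Return {'status': ..., 'pre_auth': ...} for one server version.

    status is 'fixed', 'vulnerable', or 'not covered' (a series the
    advisory does not list, e.g. 5.0). pre_auth is True when the advisory
    says the flaw is reachable before authentication on that series,
    False when it requires authentication, None when not applicable.
    """
    major, minor, patch, prerelease = parse_version(version)
    series = (major, minor)
    fixed = FIXED_PATCH.get(series)
    if fixed is None:
        return {"status": "not covered", "pre_auth": None}
    # Assumption of this example: an rc of the fix release predates the fix.
    if patch > fixed or (patch == fixed and not prerelease):
        return {"status": "fixed", "pre_auth": None}
    return {"status": "vulnerable", "pre_auth": series not in AUTH_REQUIRED}


def assess_fleet(versions):
    """Summarise a list of version strings into counts per status."""
    counts = {"fixed": 0, "vulnerable": 0, "not covered": 0}
    for v in versions:
        counts[assess(v)["status"]] += 1
    return counts


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    for v in ["6.0.20", "6.0.21", "7.0.16", "8.0.5-rc0", "8.0.5", "5.0.29"]:
        print(v, assess(v))
```

The pre_auth flag matters for prioritisation: an unpatched 7.0 or 8.0 instance reachable from an untrusted network can be crashed by anyone who can open a connection, whereas an unpatched 6.0 instance is only exposed to principals that can already authenticate.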

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm
  spread          6.8
  impact          2.5
  exploitability  7.0
  remediation     7.7
  relevance       0.2
  threat          0.0
  urgency         2.9
  incentive       5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.