MongoDB Denial-of-Service Vulnerability via Proxy Connections

Vulnerability

A denial-of-service vulnerability has been identified in MongoDB. Connections received on the proxy port may not be properly counted towards the total number of accepted connections, so the server can crash when the number of connections exceeds available resources. The issue specifically affects connections that have been accepted from the proxy port and are pending the proxy protocol header.

Impact

Exploitation of this vulnerability can cause server crashes due to resource exhaustion from uncounted proxy connections.

Remediation

Users can update to MongoDB versions 8.3.0-rc0, 8.2.4, 8.0.18, or 7.0.29 to address this vulnerability.
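An added example (not part of the advisory) that triages a fleet inventory against the fixed releases listed above. The host names and version strings in the sample inventory are constructed, and the script assumes plain release or -rcN version strings; branches the advisory does not name are reported as unknown rather than guessed.

```python
import re

# Fixed releases named in the advisory, keyed by (major, minor) release branch.
FIXED = {(7, 0): "7.0.29", (8, 0): "8.0.18", (8, 2): "8.2.4", (8, 3): "8.3.0-rc0"}

_VERSION = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:-rc(\d+))?")


def parse(version):
    """Return a sortable key; a release candidate sorts before its final release."""
    m = _VERSION.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised MongoDB version: {version!r}")
    major, minor, patch, rc = m.groups()
    pre = (0, int(rc)) if rc is not None else (1, 0)  # 8.3.0-rc0 < 8.3.0
    return (int(major), int(minor), int(patch), pre)


def assess(version):
    """Classify one version as 'fixed', 'update' or 'unknown'."""
    key = parse(version)
    fixed = FIXED.get(key[:2])
    if fixed is None:
        return "unknown"  # the advisory names no fixed release for this branch
    return "fixed" if key >= parse(fixed) else "update"


def triage(inventory):
    """Group hosts by status; unparseable versions land in 'unknown'."""
    report = {"fixed": [], "update": [], "unknown": []}
    for host, version in sorted(inventory.items()):
        try:
            status = assess(version)
        except ValueError:
            status = "unknown"
        report[status].append(host)
    return report


# Constructed inventory: host names and versions are illustrative only.
SAMPLE = {
    "db-a": "8.0.17", "db-b": "8.0.18", "db-c": "7.0.29", "db-d": "8.2.4-rc1",
    "db-e": "8.3.0-rc0", "db-f": "6.0.20", "db-g": "not-a-version",
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE).items():
        print(f"{status:8} {', '.join(hosts)}")
```

Hosts in the "unknown" group need a manual check against the vendor's advisory, since this page lists only the fixed releases.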

Added: Feb 10, 2026, 8:17 PM
Updated: Feb 11, 2026, 1:29 AM

Vulnerability Rating

Custom Algorithm

spread: 6.8
impact: 2.5
exploitability: 7.0
remediation: 7.7
relevance: 2.9
threat: 0.0
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.