Primary

Context

MongoDB Server Denial-of-Service Vulnerability in $geoNear Pipeline

Vulnerability

Patched

A denial-of-service vulnerability has been identified in MongoDB Server. An authorized user can cause a server crash by executing a $geoNear pipeline with specific invalid index hints. This issue affects MongoDB versions 8.1.0-rc0, 8.0.13, and 7.0.29.

Impact

Exploitation of this vulnerability leads to a server crash, causing a denial-of-service condition.

Added: Feb 10, 2026, 8:11 PM

Updated: Feb 11, 2026, 1:16 AM

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

2.5

exploitability

4.9

remediation

7.7

relevance

2.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

2.5

exploitability

4.9

remediation

7.7

relevance

2.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

MongoDB Server Denial-of-Service Vulnerability in $geoNear Pipeline

Vulnerability

Impact

Affected Products

MongoDB

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating