Approved changes feed: RSS · Atom
cpe:2.3:a:mongodb:mongodb:8.0.6:*:*:*:*:*:*:*
part: a version: 8.0.6 update: *
| Vendor | Mongodb (1aa156a6-63a9-5032-baaf-10197d408a1e) |
|---|---|
| Product | Mongodb (fa9f1f9b-0cc9-5830-a189-b908276ac432) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-6714 |
vulnerable | 2026-06-03 15:12:28.712391 |
Incorrect Handling of incomplete data may prevent mongoS from Accepting New Connections
HIGH (7.5)
MongoDB Server's mongos component can become unresponsive to new connections due to incorrect handling of incomplete data. This affects MongoDB when configured with load balancer support. This issue affects MongoDB Server v6.0 prior to 6.0.23, MongoDB Server v7.0 prior to 7.0.20 and MongoDB Server v8.0 prior to 8.0.9
Required Configuration:
This affects MongoDB sharded clusters when configured with load balancer support for mongos using HAProxy on specified ports.
Published: 2025-07-07T14:48:48.312Z
Updated: 2025-07-07T19:11:47.975Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-6713 |
vulnerable | 2026-06-03 15:12:28.708716 |
MongoDB Server may be susceptible to privilege escalation due to $mergeCursors stage
HIGH (7.7)
An unauthorized user may leverage a specially crafted aggregation pipeline to access data without proper authorization due to improper handling of the $mergeCursors stage in MongoDB Server. This may lead to access to data without further authorisation. This issue affects MongoDB Server MongoDB Server v8.0 versions prior to 8.0.7, MongoDB Server v7.0 versions prior to 7.0.19 and MongoDB Server v6.0 versions prior to 6.0.22
Published: 2025-07-07T14:46:36.201Z
Updated: 2025-07-18T05:50:23.153Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-6712 |
vulnerable | 2026-06-03 15:12:28.702242 |
MongoDB Server may be susceptible to DoS due to Accumulated Memory Allocation
MEDIUM (6.5)
MongoDB Server may be susceptible to disruption caused by high memory usage, potentially leading to server crash. This condition is linked to inefficiencies in memory management related to internal operations. In scenarios where certain internal processes persist longer than anticipated, memory consumption can increase, potentially impacting server stability and availability. This issue affects MongoDB Server v8.0 versions prior to 8.0.10
Published: 2025-07-07T14:44:38.183Z
Updated: 2025-07-07T14:53:47.097Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.