GHSA-wvrr-4w4f-3v54HighCVSS 7.5

A vulnerability in MongoDB Server's BSON validation logic allows an unauthenticated user to crash...

Published
June 10, 2026
Last Modified
June 10, 2026

🔗 CVE IDs covered (1)

📋 Description

A vulnerability in MongoDB Server's BSON validation logic allows an unauthenticated user to crash the mongod process by sending a specially crafted message. The BSON validator's handling of certain nested binary data structures permits uncontrolled mutual recursion between validation functions, where each re-entry resets internal depth tracking.

🔗 References (3)