Vulnerabilities in MongoDB Inc.
53 resultsCVE-2021-32039MEDIUMMongoDB Extension for VS Code may unexpectedly store credentials locally in clear textEPSS 0.3%CVE-2025-13644HIGHMongoDB may be susceptible to Invariant Failure due to batched deleteEPSS 0.3%CVE-2025-13507HIGHTime-series operations may cause internal BSON size limit to be exceedEPSS 0.2%CVE-2025-11979MEDIUMUse-after-free in the MongoDB server query planner may lead to crash or undefined behaviorEPSS 0.2%CVE-2026-8063HIGHPost-auth null pointer dereference when aggregating against a view with empty search pipelineEPSS 0.2%CVE-2021-20327MEDIUMMongoDB Node.js client side field level encryption library may not be validating KMS certificateEPSS 0.2%CVE-2021-20334MEDIUMLocal privilege escalation in MongoDB Compass for WindowsEPSS 0.2%CVE-2025-14345LOWCross-Shard Failovers May Lead to Partial Transaction Commit in MongoDB ServerEPSS 0.2%CVE-2025-13643LOWMongoDB Server may allow queries to be terminated by unauthorized usersEPSS 0.2%CVE-2026-6231MEDIUMbson_validate may skip validation when processing certain inputsEPSS 0.2%CVE-2021-20335MEDIUMSSL may be unexpectedly disabled during upgrade of multiple-server MongoDB Ops ManagerEPSS 0.1%CVE-2026-6691HIGHMongoDB C Driver Cyrus SASL Canonicalization Buffer OverflowEPSS 0.1%CVE-2025-12893LOWImproper Certificate Validation May Allow Successful TLS Handshaking Despite Invalid Extended Key Usage Fields in MongoDB ServerEPSS 0.1%