BIT-mongodb-2026-8200

See a problem?

Import Source

https://github.com/bitnami/vulndb/tree/main/data/mongodb/BIT-mongodb-2026-8200.json

JSON Data

https://api.osv.dev/v1/vulns/BIT-mongodb-2026-8200

Aliases

CVE-2026-8200

Published

2026-05-19T08:53:47.596Z

Modified

2026-05-19T09:30:11.771991268Z

Summary

Schema validation log messages may not redact user data

Details

When schema validation is enabled on a collection and an update or insert would violate the collection's schema, the local server log message generated may not have all user data redacted.

This issue impacts MongoDB Server v7.0 versions prior to 7.0.34, v8.0 versions prior to 8.0.23, v8.2 versions prior to 8.2.9 and v8.3 versions prior to 8.3.2.

Database specific

{
    "cpes": [
        "cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*"
    ],
    "severity": "Medium"
}

References

Affected packages

Bitnami / mongodb

Package

Name: mongodb
Purl: pkg:bitnami/mongodb

Severity

4.8 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVSS Calculator

Affected ranges

Type: SEMVER
Events: Introduced

7.0.0

Fixed

7.0.34

Introduced

8.0.0

Fixed

8.0.23

Introduced

8.2.0

Fixed

8.2.9

Introduced

8.3.0

Fixed

8.3.2

Database specific

source

"https://github.com/bitnami/vulndb/tree/main/data/mongodb/BIT-mongodb-2026-8200.json"