CVE-2026-1849

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2026-1849
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-1849.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-1849
Aliases
Downstream
Published
2026-02-10T19:15:51.477Z
Modified
2026-03-02T08:09:27.268098Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

MongoDB Server may experience an out-of-memory failure while evaluating expressions that produce deeply nested documents. The issue arises in recursive functions because the server does not periodically check the depth of the expression.

References

Affected packages

Git / github.com/mongodb/mongo

Affected ranges

Type
GIT
Repo
https://github.com/mongodb/mongo
Events
Introduced
37d84072b5c5b9fd723db5fa133fb202ad2317f1
Fixed
b409fb494004bf0f7284059b806b3b751a2ec5d9
Introduced
b41cda4fe697dce6fd9b83b3805362ccc02fbeb3
Fixed
af851bae82a9fc9d93657f9707a845990460898e
Introduced
b993867dce63dd366cd93e60f3f425ed716f6497
Fixed
d4511d28ec0c73f0c476027a943c0176c8a16f02

Affected versions

r7.*
r7.0.0
r7.0.1
r7.0.1-rc0
r7.0.10
r7.0.10-rc0
r7.0.11
r7.0.11-rc0
r7.0.11-rc1
r7.0.11-rc2
r7.0.12
r7.0.12-rc0
r7.0.12-rc1
r7.0.13
r7.0.13-rc0
r7.0.13-rc1
r7.0.14
r7.0.14-rc0
r7.0.15
r7.0.15-rc0
r7.0.15-rc1
r7.0.16
r7.0.16-rc0
r7.0.16-rc1
r7.0.17
r7.0.18
r7.0.2
r7.0.2-rc0
r7.0.2-rc1
r7.0.2-rc2
r7.0.21
r7.0.21-alpha0
r7.0.21-rc0
r7.0.22
r7.0.22-rc0
r7.0.23
r7.0.23-rc0
r7.0.23-rc1
r7.0.24
r7.0.24-rc0
r7.0.25-alpha0
r7.0.26
r7.0.26-rc0
r7.0.27-alpha0
r7.0.28
r7.0.3
r7.0.3-rc0
r7.0.3-rc1
r7.0.4
r7.0.4-rc0
r7.0.5
r7.0.5-rc0
r7.0.6
r7.0.6-rc0
r7.0.7
r7.0.7-rc0
r7.0.7-rc1
r7.0.7-rc2
r7.0.8
r7.0.8-rc0
r7.0.9
r7.0.9-rc0
r7.0.9-rc1
r8.*
r8.0.0
r8.0.1
r8.0.1-rc0
r8.0.10
r8.0.10-rc0
r8.0.12
r8.0.12-rc0
r8.0.13
r8.0.13-rc0
r8.0.13-rc1
r8.0.13-rc2
r8.0.14
r8.0.14-rc0
r8.0.14-rc1
r8.0.16
r8.0.16-rc0
r8.0.16-rc1
r8.0.17
r8.0.17-alpha0
r8.0.2
r8.0.3
r8.0.4
r8.0.4-rc0
r8.0.5
r8.0.5-rc0
r8.0.5-rc1
r8.0.5-rc2
r8.0.6
r8.2.0
r8.2.1
r8.2.1-rc0
r8.2.1-rc1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-1849.json"
vanir_signatures 
[
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "11272611040114298527385613556453291829",
                "175117650864466198429070599697755025763",
                "259372737161260841017051100781998432651",
                "190191220307360414594805946771026217001",
                "29054105381567763046288516247318577171",
                "80859590129831648960865656848228415255",
                "259393610319526121774434945054847506142"
            ]
        },
        "source": "https://github.com/mongodb/mongo/commit/b409fb494004bf0f7284059b806b3b751a2ec5d9",
        "signature_type": "Line",
        "id": "CVE-2026-1849-b3f79aa4",
        "target": {
            "file": "src/mongo/db/service_entry_point_common.cpp"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "function_hash": "59615453827642453525115701432201606392",
            "length": 9728.0
        },
        "source": "https://github.com/mongodb/mongo/commit/b409fb494004bf0f7284059b806b3b751a2ec5d9",
        "signature_type": "Function",
        "id": "CVE-2026-1849-b50a3bee",
        "target": {
            "file": "src/mongo/db/service_entry_point_common.cpp",
            "function": "ExecCommandDatabase::_initiateCommand"
        }
    }
]