CVE-2026-25610

Source
https://cve.org/CVERecord?id=CVE-2026-25610
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-25610.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-25610
Published
2026-02-10T19:16:04.037Z
Modified
2026-03-02T08:05:31.201802Z
Severity
  • 7.1 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Summary
[none]
Details

An authorized user may trigger a server crash by running a $geoNear pipeline with certain invalid index hints.

Affected packages

Git / github.com/mongodb/mongo

Affected versions

r7.*
r7.0.0
r7.0.1
r7.0.1-rc0
r7.0.10
r7.0.10-rc0
r7.0.11
r7.0.11-rc0
r7.0.11-rc1
r7.0.11-rc2
r7.0.12
r7.0.12-rc0
r7.0.12-rc1
r7.0.13
r7.0.13-rc0
r7.0.13-rc1
r7.0.14
r7.0.14-rc0
r7.0.15
r7.0.15-rc0
r7.0.15-rc1
r7.0.16
r7.0.16-rc0
r7.0.16-rc1
r7.0.17
r7.0.18
r7.0.2
r7.0.2-rc0
r7.0.2-rc1
r7.0.2-rc2
r7.0.21
r7.0.21-alpha0
r7.0.21-rc0
r7.0.22
r7.0.22-rc0
r7.0.23
r7.0.23-rc0
r7.0.23-rc1
r7.0.24
r7.0.24-rc0
r7.0.25-alpha0
r7.0.26
r7.0.26-rc0
r7.0.27-alpha0
r7.0.28
r7.0.29
r7.0.3
r7.0.3-rc0
r7.0.3-rc1
r7.0.30
r7.0.4
r7.0.4-rc0
r7.0.5
r7.0.5-rc0
r7.0.6
r7.0.6-rc0
r7.0.7
r7.0.7-rc0
r7.0.7-rc1
r7.0.7-rc2
r7.0.8
r7.0.8-rc0
r7.0.9
r7.0.9-rc0
r7.0.9-rc1
r8.*
r8.0.0
r8.0.1
r8.0.1-rc0
r8.0.10
r8.0.10-rc0
r8.0.12
r8.0.12-rc0
r8.0.13
r8.0.13-rc0
r8.0.13-rc1
r8.0.13-rc2
r8.0.14
r8.0.14-rc0
r8.0.14-rc1
r8.0.15
r8.0.16
r8.0.16-rc0
r8.0.16-rc1
r8.0.17
r8.0.17-alpha0
r8.0.18
r8.0.19
r8.0.2
r8.0.3
r8.0.4
r8.0.4-rc0
r8.0.5
r8.0.5-rc0
r8.0.5-rc1
r8.0.5-rc2
r8.0.6

Database specific

vanir_signatures
[
    {
        "id": "CVE-2026-25610-505e10b7",
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/mongodb/mongo/commit/92fa95725267d69dd222dabc5656eb06a4725a91",
        "target": {
            "function": "ExecCommandDatabase::_initiateCommand",
            "file": "src/mongo/db/service_entry_point_common.cpp"
        },
        "digest": {
            "length": 9728.0,
            "function_hash": "59615453827642453525115701432201606392"
        },
        "signature_type": "Function"
    },
    {
        "id": "CVE-2026-25610-9a1fbe67",
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/mongodb/mongo/commit/92fa95725267d69dd222dabc5656eb06a4725a91",
        "target": {
            "file": "src/mongo/db/service_entry_point_common.cpp"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "11272611040114298527385613556453291829",
                "175117650864466198429070599697755025763",
                "259372737161260841017051100781998432651",
                "190191220307360414594805946771026217001",
                "29054105381567763046288516247318577171",
                "80859590129831648960865656848228415255",
                "259393610319526121774434945054847506142"
            ]
        },
        "signature_type": "Line"
    }
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-25610.json"