CVE-2026-9749

EUVD-2026-35865

09.06.2026, 23:17

This issue can occur when running an aggregation pipeline that uses the internal $exchange stage configured with key-range partitioning and order-preserving delivery. If a single key range produces enough documents to fill its exchange buffer (that is, many results are routed to the same consumer), the server reaches the code path where a full per-consumer buffer is detected but the internal "high watermark" for that key range is not updated as intended.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
mongodb	CNA	6.5 MEDIUM	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 12%

Early Detection

Affected products identified ahead of NVD analysis through intelligence sources.

Vendor	Product	Version	Source
mongodb	mongodb	8.3.0 ≤ 𝑥 < 8.3.3	CNA
mongodb	mongodb	8.2.0 ≤ 𝑥 < 8.2.10	CNA
mongodb	mongodb	8.0.0 ≤ 𝑥 < 8.0.24	CNA
mongodb	mongodb	7.0.0 ≤ 𝑥 < 7.0.35	CNA

Common Weakness Enumeration

CWE-617 - Reachable Assertion
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

Vulnerability Media Exposure

[GERMAN] MongoDB: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen in MongoDB ausnutzen, um einen Denial of Service Angriff durchzuführen oder vertrauliche Informationen offenzulegen.
Published: 2026-06-09T22:00:00+00:00

References

https://jira.mongodb.org/browse/SERVER-124031