Judah Schvimer

**Name of the Vulnerable Software and Affected Versions** MongoDB Server versions 5.0.0 through 5.0.16 MongoDB Server versions 6.0.0 through 6.0.5 **Description** An unauthenticated user can trigger a fatal assertion in the server while generating ftdc diagnostic metrics due to attempting to build a BSON object that exceeds certain memory sizes. **Recommendations** For MongoDB Server versions 5.0.0 through 5.0.16, update to a version later than 5.0.16. For MongoDB Server versions 6.0.0 through 6.0.5, update to a version later than 6.0.5.